• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How to check what DNS server OS X is using to resolve a given name?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to check what DNS server OS X is using to resolve a given name?

  • Subject: Re: How to check what DNS server OS X is using to resolve a given name?
  • From: Alexis Gallagher <email@hidden>
  • Date: Sat, 14 Jul 2012 13:24:02 +0100
Hi Josh,

Thanks for this pointer. This has gotten me much farther along.

However, sending the INFO signal to mDNSResponder just causes it to dump the general DNS configuration state, which is the same info I can get from "scutil --dns". And "dns-sd -G" only reports what IP address a given name resolves to, not which particular DNS server was used to resolve the name.

But knowing which DNS server was used for a particular name is the information that dig and nslookup provide and that I need to debug DNS settings. Do you know if there's a public API or tool that delivers that info?

I'm guessing there's not, since it seems to be handled by the non-exported functions GetServerForQuery and GetBestServer in mDNS.c . (I'm looking at code at http://www.opensource.apple.com/source/mDNSResponder/mDNSResponder-320.5/mDNSCore/mDNS.c , but I may not understand what I'm seeing.)

Fortunately, I was able to extract the information by turning on logging and watching the log output. But I'm hoping there's a less awkward way.

Thanks again,
Alexis

P.S. In case anyone is following along at home, here's a bash script that observes the system log to determine which DNS server OS X is using to resolve google.com, for instance:

  # enable logging on mDNSResponder
  sudo killall -USR1 mDNSResponder
  # set logging to the maximum
  sudo syslog -c  mDNSResponder -d
  # start capturing log to a temporary file
  syslog -w 0 | grep GetServerForQuestion > /tmp/resolutionquery.log &
  # use python to resolve an address using the POSIX API
  python -c "import socket;socket.gethostbyname_ex('google.com');"
  # stop capturing the log
  jobs -p | xargs kill -SIGINT
  # shut off increased logging
  sudo killall -USR1 mDNSResponder
  # display captured output
  cat /tmp/resolutionquery.log

Then you look for the log entries for GetServerForQuestion.


On Jul 13, 2012, at 15:07, Josh Graessley <email@hidden> wrote:

>
> You can use the full resolver code path with:
> dns-sd -G v4v6 www.apple.com
>
> You can run "sudo killall -INFO mDNSResponder" to dump state to the system log.
>
> -josh
>
> On Jul 13, 2012, at 4:18, Alexis Gallagher <email@hidden> wrote:
>
>> Hi,
>>
>> I'd like to debug my DNS settings. What tool does OS X offer that will let me observe what DNS server the system is using to resolve a domain name?
>>
>> I would normally just call dig or nslookup but the man pages warn that "The dig command does not use the host name and address resolution or the DNS query routing mechanisms used by other processes running on Mac OS X". Similarly for nslookup. A little experimenting suggests the Lookup command in the Network Utility app seems to have similar problems.
>>
>> "scutil -r" will report if OS X can reach a host specified by domain name, but it doesn't tell me how it reaches it. Another problem with "scutil -r" is that it seems to be broken — right now, on my machine, "scutil -r" tells me that github.com is not reachable by name, even though Safari can reach it by name and "scutil -r" can reach it by IP address. So I'm not sure what to make of that.
>>
>> Similarly, I know that "scutil --dns" shows all the DNS resolvers, but my whole purpose here is to verify that a complicated resolver configuration is behaving as I expect. I want to be able to exercise the system and see what it's doing.
>>
>> My DNS setting is complex because I'm trying to route some DNS queries to nameservers in a VPN, and others to nameservers outside the VPN. To do this I need to add custom resolvers to /etc/resolver, some of which are there just to override resolvers defined by the VPN server and created by the OS X built-in VPN client.
>>
>> Thanks,
>> Alexis
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Macnetworkprog mailing list      (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >How to check what DNS server OS X is using to resolve a given name? (From: Alexis Gallagher <email@hidden>)
 >Re: How to check what DNS server OS X is using to resolve a given name? (From: Josh Graessley <email@hidden>)

  • Prev by Date: Re: How to check what DNS server OS X is using to resolve a given name?
  • Next by Date: Explain NSURLAuthenticationMethodServerTrust to me?
  • Previous by thread: Re: How to check what DNS server OS X is using to resolve a given name?
  • Next by thread: Explain NSURLAuthenticationMethodServerTrust to me?
  • Index(es):
    • Date
    • Thread