nslookup & dig fail; ping, traceroute, and scutil -r work

Ask Different Asked by jhfrontz on December 29, 2021

I’m running on 10.8.2. All of a sudden, traditional nameserver lookups are failing on my machine:

$ nslookup www.att.com
;; connection timed out; no servers could be reached

$ dig www.att.com

; <<>> DiG 9.8.3-P1 <<>> www.att.com
;; global options: +cmd
;; connection timed out; no servers could be reached

But operations that use name services work fine:

$ scutil -r www.att.com
Reachable


$ ping www.att.com
PING e2318.dscb.akamaiedge.net (23.1.57.145): 56 data bytes
64 bytes from 23.1.57.145: icmp_seq=0 ttl=55 time=22.862 ms
64 bytes from 23.1.57.145: icmp_seq=1 ttl=55 time=26.947 ms
^C
--- e2318.dscb.akamaiedge.net ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 22.862/24.904/26.947/2.043 ms

I’ve tried setting the name server addresses to different destinations via the network system preference (e.g., 4.2.2.2, 208.67.222.222, 208.67.220.220, etc.) but that doesn’t seem to make any difference.

I’m guessing there is an internal configuration file for the on-board DNS server that isn’t getting updated, but I haven’t a clue where to look for that.

4 Answers

For those searching around:

I was also hitting a wall with this issue, where ping and scutil were working with expected results but the dig command failed on everything - google, local network, company network, etc...

The issue was that dig was not able to read my /etc/resolv.conf file.

I fixed it with a quick chmod on my resolv.conf file.

sudo chmod 644 /etc/resolv.conf

This will make your resolv.conf file readable by all users, but only writable by the file owning user (which usually is root). This may not fix your problem, but it is a very quick and non-damaging step that you can take while you are trying to cover all the bases.

Answered by David Ross on December 29, 2021
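
A check for the condition described in the answer above, as an added example that is not part of the original answer: it reports whether a resolv.conf file is readable by all users, flags a group- or world-writable mode (which would let a non-root user change the resolver list), and prints the configured nameservers. The function names and return codes are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original answer. Function names and return
# codes are this example's own choices.

# list_nameservers FILE: print the address from each "nameserver" line.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# check_resolv_conf [FILE]: audit the mode of FILE (default /etc/resolv.conf).
# Returns 0 ok, 1 missing, 2 not world-readable (tools run by ordinary users,
# such as dig, cannot read it), 3 group/other-writable, 4 no nameserver entries.
check_resolv_conf() {
    rc_file=${1:-/etc/resolv.conf}
    if [ ! -e "$rc_file" ]; then
        echo "MISSING  $rc_file"
        return 1
    fi
    # -L reports the target's mode if the path is a symlink.
    rc_mode=$(ls -ldL -- "$rc_file" | cut -c1-10)
    echo "MODE     $rc_mode $rc_file"
    # Character 8 of the mode string is the "others read" bit.
    case $rc_mode in
        ???????r*) ;;
        *) echo "FAIL     not readable by all users; fix: sudo chmod 644 $rc_file"
           return 2 ;;
    esac
    # Characters 6 and 9 are the group-write and others-write bits.
    case $rc_mode in
        ?????w*|????????w*)
           echo "FAIL     writable by group or others; fix: sudo chmod 644 $rc_file"
           return 3 ;;
    esac
    rc_servers=$(list_nameservers "$rc_file")
    if [ -z "$rc_servers" ]; then
        echo "FAIL     no nameserver entries"
        return 4
    fi
    echo "OK       nameservers: $(echo "$rc_servers" | tr '\n' ' ')"
    return 0
}
```

Source the file and run `check_resolv_conf` with no argument to audit /etc/resolv.conf, or pass another path to audit a copy.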

I would dig into the results of:

 scutil --dns

And check that no firewall is blocking DNS packets (Little Snitch, IPFW, Apple's Application Firewall, etc…) and that port 53 is open between your Mac and the DNS servers listed from your scutil dumping of DNS options that are configured and in use.

Pay specific attention to the bottom of this command - the DNS configuration (for scoped queries) portion is what is used for looking up actual hosts.

Answered by bmike on December 29, 2021

nslookup does not use the system DNS settings to my knowledge, but rather queries the servers from resolv.conf directly.

ping, on the other hand, uses the system resolver to resolve names, and so the query might go to other DNS servers. For example, you can configure per-domain name servers in /etc/resolver, but these will not be used by nslookup. (see man 5 resolver)

Unfortunately, I don't know how to find out the IP of the DNS server that is finally used by the system resolver.

Answered by Frank on December 29, 2021

I'm still not sure what was causing the problem, but after suffering from another seemingly unrelated issue, I did a complete re-install of 10.8. I had originally upgraded from 10.6 -- though the utilities had seemed to work fine for a while after the initial upgrade, my suspicion is that I did something to some unknown-to-me configuration while attempting to diagnose/resolve the other issue (something that apparently disabled some aspects of DNS access).

After the re-install, all DNS-related utilities are now working fine.

Answered by jhfrontz on December 29, 2021
