Nameserver query order in Mac OS X?

1

I have a home network with 2 Macs and one Linux box. There is a caching DNS nameserver on the Linux box. I would like the Macs to use the caching server, and only if that is inaccessible fall through to external DNS.

Do Macs rotate through all the configured nameservers or try them in order until one works?

Another quirk is that internal DHCP is served by my router (a Linksys WRT54GL), which has room for three nameservers. But if fewer than three are configured, the blank spots are filled in with whatever the router's external DHCP has provided -- in this case, Comcast's "Domain Helper" DNS breakage, which I don't want (the cache is configured to use Google's public DNS).

Thus, if Macs do round-robin, I need something to put in the other two spots. Is it bad to simply repeat the caching server's IP?

Reid

Posted 2010-09-06T19:42:51.707

Reputation: 477

Answers

2

From resolver(5):

If there are multiple servers, the resolver library queries them in the order listed. The algorithm used is to try a name server, and if the query times out, try the next, until out of name servers, then repeat trying all the name servers until a maximum number of retries are made.

Things can be complicated a bit by the fact that it can also use a multi-level configuration (see “SEARCH STRATEGY” in the afore linked manpage). Assuming there are no files in /etc/resolver/ (which would define different configurations for specific domains), then you should get the “in order” behavior for the configuration specified in /etc/resolv.conf.

There is no mention of repeated server addresses, but it seems like a reasonable approach if you are trying to prevent Comcast’s server from being considered. If it does not work you could use yet another external, public DNS provider (e.g. Google or Level 3). Or you could just add another address to the Linux box via an IP alias (e.g. eth0:1).

Chris Johnsen

Posted 2010-09-06T19:42:51.707

Reputation: 31 786

There is no “SEARCH STRATEGY” in the afore linked manpage – Radu Simionescu – 2016-10-31T14:12:55.903

Thanks! And all Mac software goes through this library? (I vaguely remember reading somewhere that some doesn't...) – Reid – 2010-09-20T16:36:33.233

There is no practical way to force all software to use a single resolver library. No one can make a statement like “all Mac OS X software uses the system resolver”. Anyone that can build software can build it to use a different resolver library. Many OSes bundle BIND’s resolver library but there are other implementations available (e.g. the resolver library from djbdns). – Chris Johnsen – 2010-09-21T02:37:04.133

To be pedantic, yes. Feel free to read my question as "all Mac software that doesn't do strange things". I'm just trying to figure out what the standard way of doing things on Mac OS X is. – Reid – 2010-09-21T20:19:06.470

There is an old KB article that might help you out. Mac OS X will go down in order all the servers listed in /etc/resolv.conf. http://discussions.apple.com/thread.jspa?threadID=1660439 – Madison S – 2010-09-24T17:18:40.580

I'm going to award the bounty given @Madison's clarification, despite your unhelpfully pedantic comment. Thanks @Madison - sorry I can't split the bounty. – Reid – 2010-09-26T02:36:56.527

1

According to RFC 2132, DNS servers SHOULD be listed in "order of preference". Since Apple changed their DNS implementation, I think somewhere between Tiger and Snow Leopard, and had some problems concerning IPv6 and IPv4 resolution, I am not sure if they follow the RFC. A test would be to resolve an address to something else on your Linux DNS cache, and then check which server shows up on your Macs.

MaoPU

Posted 2010-09-06T19:42:51.707

Reputation: 383
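The selection order quoted from resolver(5) in the first answer, as a small simulation applied to the question's two candidate configurations (cache plus an external server, and the cache's address repeated three times). This is an added example, not code from the thread or from Apple's resolver; the addresses, the `make_network` stand-in and the `max_retries=2` value are assumptions made for illustration.

```python
def parse_nameservers(resolv_conf_text):
    """Return nameserver addresses in the order they are listed."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def resolve(name, servers, query, max_retries=2):
    """Try each server in listed order; on timeout move to the next.
    After the last server start over, for at most max_retries passes.
    Returns (answer or None, list of servers tried in order)."""
    attempts = []
    for _ in range(max_retries):
        for server in servers:
            attempts.append(server)
            try:
                return query(server, name), attempts
            except TimeoutError:
                continue
    return None, attempts

def make_network(reachable):
    """Constructed stand-in for the network: unreachable servers time out."""
    def query(server, name):
        if server not in reachable:
            raise TimeoutError(server)
        return f"{name} answered by {server}"
    return query

# Constructed sample values: a LAN cache address and Google's public DNS.
CACHE, EXTERNAL = "192.168.1.10", "8.8.8.8"
FAILOVER_CONF = f"# cache first\nnameserver {CACHE}\nnameserver {EXTERNAL}\n"
REPEATED_CONF = f"nameserver {CACHE}\n" * 3

if __name__ == "__main__":
    for label, conf in (("failover", FAILOVER_CONF), ("repeated", REPEATED_CONF)):
        servers = parse_nameservers(conf)
        for state, up in (("cache up", {CACHE, EXTERNAL}), ("cache down", {EXTERNAL})):
            answer, tried = resolve("example.com", servers, make_network(up))
            print(f"{label:9} {state:10} tried={tried} answer={answer}")
```

Under this model the external server is contacted only after the cache times out, and the repeated-address list never leaves the LAN but has no fallback: with the cache down, every attempt times out.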