Bizarre DNS Issue

I've been having an intermittent issue recently on my MacBook Pro: every so often, I'll start getting bad DNS results. For example: I type in facebook.com, and another website loads up instead of Facebook. If I clear the DNS cache with dscacheutil -flushcache, the problem is instantly fixed, but that doesn't stop it from happening again, of course. This happens with OpenDNS, Google's DNS, and my ISP's DNS, so it's definitely not the DNS server. I am at a loss trying to figure out what might be happening. Any ideas?

jwkpiano1

Posted 2011-02-24T08:07:29.070

Reputation: 111

What browser are you using? Is it happening with other sites too? – Olli – 2011-02-24T08:20:42.210

I had a similar problem once where the way Mac OS X 10.6 was communicating with my wireless router was causing exactly such strange hiccups, in a way that other (10.5) computers on the same network were experiencing the same. Upgrading the firmware on the router fixed the problem. – Asmus – 2011-02-24T09:30:43.657

Answers

The question remains unsolved of where do these bad DNS entries come from in the first place. If this was not a Mac, I would have advised a virus scan. But in any case, I would check any extensions currently installed in your browser, or try Safe mode (without extensions), or try another browser.

Another possibility might be that your router is caching the bad DNS. Check if there is any setting for turning this off, or a firmware update. It might also help to know which model is the router and its firmware version.

This blog could also maybe be of help : Clear DNS Cache on your router.

With your router's exact make, I was able to find WRT160N V3 has serious DNS issues.
It seems you are not alone. It says :

I've just configured the TCP/IP on my PC to not automatically obtain DNS server addresses, instead I put in my ISP's servers manually.

Everything has been absolutely trouble-free since I manually took the router address out of my DNS server list two days ago. I'm satisfied that the DNS proxy dis-service that is built into the WRT160N v3 is entirely responsible for the screwy DNS issues described above.

harrymc

Posted 2011-02-24T08:07:29.070

Reputation: 306 093

Hmm.. if my router were caching these bad results, though, wouldn't flushing my computer's cache not fix it then? In any case, I have a WRT160Nv3 Linksys router with firmware version 3.0.02. – jwkpiano1 – 2011-02-25T08:41:03.573

See my addition above. – harrymc – 2011-02-25T09:29:09.233

I just went ahead and installed dd-wrt while I was at it.. everything seems to be going smoothly now. Thanks! – jwkpiano1 – 2011-02-26T06:46:01.890

I agree with Answer 1. The sites you are getting re-directed to - are they normal sites ? or site such as porn gambling pills etc ?

Have you used nslookup or digg before and after the DNS cache flush ? Does the command line lookup match the browser lookup ? if not then it sounds like something maybe manipulating your browser.

AndyM

Posted 2011-02-24T08:07:29.070

Reputation: 156

Just normal sites. I was sent to Moviefone.com instead of Facebook once. – jwkpiano1 – 2011-02-25T08:37:21.890

There is no "Answer 1" in this website - this isn't an ordered blog. See the FAQ.

– harrymc – 2011-02-25T09:28:34.710