iMac cannot resolve DNS (or find route to host?) for some sites but Windows can?

In my home network I have a couple of Windows based PCs that have no known issues with DNS but with my OSX iMac I have problems resolving a couple of random domains. Some domains that I have problems with are:

ehow.com
about.com
nationalshoppingservice.com

Besides looking at the /etc/hosts file (which I think is fine) what should I check on the iMac for problems associated with DNS or what tools should I used to help diagnose the issue that I am facing?

Using the dig command I get:

; <<>> DiG 9.4.3-P3 <<>> @4.2.2.2 www.nationalshoppingservice.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3468
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.nationalshoppingservice.com. IN    A

;; ANSWER SECTION:
www.nationalshoppingservice.com. 14400 IN A 64.40.111.81

;; Query time: 86 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Tue Apr 12 18:22:42 2011
;; MSG SIZE  rcvd: 65

After trying some of the suggestions I believe DNS is the wrong problem ... when I did a ping of www.nationalshoppingservice.com this is what I got:

PING www.nationalshoppingservice.com (64.40.111.81): 56 data bytes
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host
ping: sendto: No route to host

So this looks like the DNS is resolving but the route to host cannot be found? What is going on here?

Wally Atkins

Posted 2011-04-11T02:24:23.833

Reputation: 113

Answers

The command line is going to be your friend. 1st you may not have a DNS issue at all. You need to determine that first. The best tool for this job is dig. Open Terminal and type

dig @4.2.2.2 ehow.com

The components of this command:

dig          :   the command
@4.2.2.2     :   this tells dig where to ask.  We are specifically asking a
                 known provider in this case Level3.  You could easily put
                 8.8.8.8 (Google) or any other provider here.
ehow.com     :   the domain you wish to query for.

You will get back output like:

; <<>> DiG 9.7.2-P2 <<>> @4.2.2.2 ehow.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43699
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ehow.com.          IN  A

**;; ANSWER SECTION:
ehow.com.       118 IN  A   98.124.249.20**

;; Query time: 1 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Mon Apr 11 01:51:12 2011
;; MSG SIZE  rcvd: 42

The ANSWER SECTION is the important part. If you get an answer then you know your iMac is fine and it can "get" access to that domain.

The next step is to replace the @4.2.2.2 with the IP or hostname of your regular DNS server. This is typically provided to you by your ISP. If you get the same answer then you know DNS is not your problem and you can begin to look elsewhere. You also what to perform these tests a few times to make sure you are getting good response times. If you ever get:

;; connection timed out; no servers could be reached

Then you know that you are not getting back a response. If this happens intermittently you may notice it more on the iMac versus your windows machines because of caching. I have found in my experience Windows machines cache DNS responses longer than Macs.

Ketema

Posted 2011-04-11T02:24:23.833

Reputation: 683

To troubleshoot DNS problems on Mac OS X, you have to use both a traditional Unix DNS lookup tool like (pick one:) host,dig, and nslookup, as well as a modern tool that calls Mac OS X-specific DNS lookup APIs, such as dns-sd -Q.

The DNS lookup APIs that most Cocoa apps call get routed through the mDNSResponder daemon, which means if your GUI apps are having DNS lookup problems, dns-sd -Q will probably show you the same thing.

Traditional Unix DNS lookup tools use more traditional Unix DNS resolver code, which means they may be able to resolve things that Cocoa apps can't (and vice-versa).

If you can look something up with dig but not with dns-sd, then you could try killing the mDNSResponder daemon and letting launchd automatically relaunch it (I've found that HUPping mDNSResponder isn't always enough).

sudo killall mDNSResponder

Spiff

Posted 2011-04-11T02:24:23.833

Reputation: 84 656

Do you have any IP-blocking software or similar things installed on your iMac?

Also, try going into Preferences->Network->Advanced->DNS and reset your DNS entries; get rid of any extraneous ones.

If that doesn't work, try (temporarily) making a new account on your iMac, or log into another one, and see if you can access the websites from those.

Vervious

Posted 2011-04-11T02:24:23.833

Reputation: 4 654

No IP blocking that I am aware of ... – Wally Atkins – 2011-04-12T22:02:14.393

To test something, you could go to Preferences->Network->Advanced->DNS and add a DNS entry for Google's public DNS 8.8.8.8. If that resolves the issue, then you will have to figure out what DHCP settings your router is using when handing out IP addresses and DNS info. If your router is getting it's DNS info from your ISP, then that could be your problem, maybe just a slow response. You don't have to use your ISPs DNS settings.

I often use 8.8.8.8 to test, but primarily use Opendns for added control.

Hope that helps

lysdexic

Posted 2011-04-11T02:24:23.833

Reputation: 226