Our company network uses `xxx.companyname.local` for all the servers on our local network. Whenever I access one of these servers on my Mac, I have a 10 second delay. I have found out that this delay is caused by DNS lookups, because apparently Lion resolves .local domains in the following order:
1. check `/etc/hosts` for IPv6 address
2. check DNS server for an AAAA record (IPv6 address)
3. check via MDNS (Bonjour) for an AAAA record
4. check `/etc/hosts` for an IPv4 address
5. check DNS server for an A record (IPv4 address)
6. check MDNS for A record
Now, the problem is, we don't have an IPv6 network. All `xxx.companyname.local` servers on our network have only IPv4 addresses and the DNS server has only A records. This means that the address is resolved in step 5. The problem with this is that step 3 takes ten seconds before it times out! Every time I connect to our wiki, SVN server, Kerberos server, etc, there is a 10 second delay.
I have managed to trick Lion by adding lines like the following to `/etc/hosts`:
::FFFF:10.99.99.99 xxx.companyname.local
If I do this, Lion thinks there is an IPv6 address for the domain and stops after step 1. However, this workaround totally circumvents all the useful features of DNS. I don't want to manually keep track of the IP addresses of dozens of internal domains! I could as well stop using host names and just type IP addresses!
So: Does anybody have an idea how to change this lookup order? Or disable IPv6 lookup since we don't have an IPv6 network anyway?
Thanks for the question - I bookmark it as Mac DNS resolution reference ;) – Alex – 2011-12-22T17:04:35.920
You'd be far better served trying to determine why your DNS servers are taking 10 seconds to send an empty record set answer for `AAAA` records when they (according to what you say) don't take anywhere near that long to answer `A` queries for the very same domain names. You seem to be in classic RFC 4074 territory, where the problem is that the servers are broken. Note, too, that you've hit upon one of the several well-known and long discussed reasons for not using `local.` for split-horizon DNS service. That's better to fix, as well. – JdeBP – 2011-12-23T14:33:52.860
The DNS servers in step two return an empty AAAA record instantly. The problem is step 3 - the MDNS/Bonjour/Zeroconf query. Lion waits 10 seconds after the broadcast before timing out. After googling a bit I am well aware that using `local.` is a bad idea, but the IT department told me that they think using `local.companyname.` is perfectly fine and I can't really do anything about that. – Jakob Egger – 2011-12-23T15:24:26.943
The people in your IT department are vastly underinformed. This has been known to be very much not "perfectly fine" in network administration circles for roughly half a decade. You could … encourage … your IT department people's networking knowledge to be brought into the 21st century. You could … remind … them that their job is not to arrange matters such that the corporate computers don't work properly. ☺ – JdeBP – 2011-12-24T02:17:59.017
@JdeBP And yet, Apple decided it would be a good idea to use it... You'll note that Microsoft also uses it and recommends it as best practice. So... Who says it's not? – Basic – 2013-01-08T17:00:41.527
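The `/etc/hosts` workaround from the question can be generated from the A records instead of typed by hand. The sketch below is an added example, not code from the original thread; the function names and the sample hostnames are assumptions, and the output pins addresses, so it has to be regenerated whenever an A record changes.

```python
import ipaddress
import socket
import sys

def resolve_ipv4(name):
    """Return the sorted IPv4 addresses the system resolver gives for name."""
    infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def mapped_entry(name, ipv4):
    """Build one hosts line: the IPv4-mapped IPv6 form of ipv4, then name."""
    v4 = ipaddress.IPv4Address(ipv4)  # raises ValueError on malformed input
    mapped = f"::ffff:{v4}"
    # Round-trip check: the text must parse as IPv6 and map back to the same IPv4.
    if ipaddress.IPv6Address(mapped).ipv4_mapped != v4:
        raise ValueError(f"not an IPv4-mapped address: {mapped}")
    return f"{mapped} {name}"

def build_block(names, resolve=resolve_ipv4, suffix=".local"):
    """Return (lines, skipped) for the given names.

    lines   - hosts entries for names under suffix that resolved to IPv4
    skipped - (name, reason) pairs for everything left out
    """
    lines, skipped = [], []
    for raw in names:
        name = raw.strip().rstrip(".").lower()
        if not name.endswith(suffix):
            skipped.append((name, "outside suffix"))
            continue
        try:
            addrs = resolve(name)
        except OSError as exc:  # socket.gaierror is a subclass of OSError
            skipped.append((name, f"lookup failed: {exc}"))
            continue
        if not addrs:
            skipped.append((name, "no A record"))
            continue
        lines.append(mapped_entry(name, addrs[0]))
    return lines, skipped

if __name__ == "__main__":
    # Usage: python3 mapped_hosts.py wiki.companyname.local svn.companyname.local
    entries, left_out = build_block(sys.argv[1:])
    print("\n".join(entries))
    for host, reason in left_out:
        print(f"# skipped {host}: {reason}", file=sys.stderr)
```

Review the printed lines before appending them to `/etc/hosts`, since an entry there overrides whatever DNS later returns for that name.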