I expect to be able to resolve the DNS name www.foobar.dev
using a DNS server that's running in a VM on my OS/X (High Sierra) system because I have created an /etc/resolver/dev
file containing the following one line: (specifying the VM's virtual address)
nameserver ww.xx.yy.zz
... but dig www.foobar.dev
continues to consult the Internet nameserver,
while dig @ww.xx.yy.zz www.foobar.dev
successfully retrieves the entry from the VM's DNS.
I've used the dscacheutil
command to be sure that an errant entry is not in the DNS resolver cache.
So, why isn't the presence of an /etc/resolver/dev
file with the specified contents sufficient to direct "anything.dev
" to the specified DNS server?
Interestingly – sometimes it seems to work. Also, the command scutil --dns
produces the following expected entry, which seems to indicate that the /etc/resolver/dev
file is being detected!
resolver #8
domain : dev
nameserver[0] : ww.xx.yy.zz
flags : Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)
It's probably working fine, you're just testing it wrong. dig
(and host
and nslookup
) don't use the system resolver, nor do they fully implement the system resolver's lookup policy. As a result, they're useful for testing the DNS system itself, but not for testing how the OS uses DNS. The official way to test the system resolver is dscacheutil
(e.g. dscacheutil -q host -a name www.foobar.dev
), but that's annoyingly verbose, so I tend to just use ping
and look at the IP it reports.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With