
Local DNS mac differences

23 posts in this topic

Posted

Interesting one for you all, anyone know what is going on?

 

Background: I have just purchased a new mac - an entirely new experience for me actually, having only had PC's before.

 

I have noticed that the mac won't resolve my hostnames on my pfsense local DNS, not completely anyway. A little explanation:

 

Hostname 1: pfsense

Works on both windows and mac when typing in the url bar of a browser.

 

Hostname 2: TEXT-10

Only works on windows based browser when typed in the url bar. Mac just sends me off on a google search.

 

Could this be because of the '-' in the second hostname? I don't know why it wouldn't resolve one when it's perfectly happy with the other.

 

I'm probably missing some information for a diagnosis but since I don't know what I'm looking for I thought I would keep it relatively short and sweet. Happy to provide any more information if anyone has any ideas :)

 

Cheers all.

 

rancid

 

 


Posted

What is the fqdn of the hosts?  What is the domain your mac is in?

 

nslookup is a valid tool on mac

https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nslookup.1.html

 

I would suggest you use it to validate if a fqdn resolves or not from the mac.

 

- is a valid character for host names be it dns or even netbios only.  At least in MS specification of netbios names.  I am not aware if macs broadcast like a windows box will do? for a host name..

 

So simple sniff shows that windows will broadcast for something that is not resolvable.. So you see here that I put testhostname in my browser address bar, my machine queries my dns adding the domain local.lan - dns returns hey can not find that, so then the box broadcasts for the hostname

 

post-14624-0-42908100-1391557703.png

 

post-14624-0-60995500-1391557858.png

 

I would do the same thing if trying to determine what your mac does when you put your host name in the browser window to find out how it's asking, and where it's asking and if it broadcasts for it, etc.


Posted

Cheers for the reply budman. I will have a bash at this tomorrow and see what I can find out :)


Posted

Update: There seems to be a well known issue with macs accessing windows (non-mac) hosts by hostname - and not much by way of obvious solution. I am pushed for time at the moment so I have just stuck an entry into the hosts file for the time being. This has sorted the resolving. Not very elegant though and only a temp solution so I will look into it further in the not too distant future.

 

FYI I can successfully ping TEXT-10.local - fairly sure I tried that before the hosts entry!

 

Further troubleshooting to follow.

 

Cheers,

 

rancid


Posted

I have a similar problem - in my case it wasn't a DNS problem, but a Safari glitch. Safari doesn't seem to recognise non FQDN addresses, instead just redirecting to a Google search as if you were looking for whatever word you were typing.

For example, if I type "lightwave" it will take me to a google search for home, rather than http://lightwave. I guess it's just a downside to having a combined address and search bar.

Pinging lightwave will always work fine, however.


Posted

Sounds like a little edit of the hosts file may work for you too.

 

Just remember you will have to manually update the IP if/when it changes, you will also have to do this on all macs individually.

 

Not ideal, hence wanting to find the time to further look into it.

 

I don't think it's a safari issue as such, try out the hosts file edit and see if it works. Either way, needs more looking into what is going on as per budman's suggestion above to see what the mac is actually doing.

 

I will keep this thread updated as I find out more info.

 

Cheers,

 

rancid


Posted

Why would you be using host files?  Just put your machines into your dns - I am guessing your router's dns just blows chunks?  Then run your own - it's quite simple to just download BIND and run a real dns server, and support of dynamic updates from your clients.

 

Or just grab http://tftpd32.jounin.net/ it has dhcp server, dns, etc.. etc.. It allows for static dhcp (reservations) etc..  So your machines would always get the same IP - and therefore you have no need to change any "host" file.


Posted

OS X can do NetBIOS name lookups, but I'm pretty sure it keeps it separate from normal DNS lookups, so something like connecting to an SMB share will work, but trying the same name in Safari would probably fail. That said, Safari doesn't seem to accept plain hostnames (falls back to Google search), you need to provide a FQDN for them (Yet another reason to use a central DNS setup)


Posted

@budman

My current problem is understanding. I literally do not understand what is going on, and as I have said time to learn is limited at the moment.

As far as I was aware, and I think I mentioned previously, I am running my own DNS from pfSense.

@the_decryptor

That sounds like what a brief Google search seemed to be saying yesterday. Note though that safari does work just entering 'pfsense' (not a FQDN). This leads me to think that something else is going on.


Posted

I just tried Safari again, seems it will connect to a plain hostname if it's already in the history, otherwise it defaults to a search (Although you can force it via the dropdown, one of the options is "Go to")

So for me, "openwrt" goes to Google, "openwrt.lan" loads my router page, but going to "openwrt" manually then stops Safari doing a search next time. Firefox on the other hand works fine since it tries hostnames first, then doing a search if it fails.


Posted

Well perfect, if you're running pfsense - just create whatever dns records you need

 

post-14624-0-65105400-1392040458.png

 

If pfsense is also your dhcp server - then have it register those entries

 

post-14624-0-71948900-1392040553.png

 

I would also suggest the bottom two checkmarks - so that you're not forwarding say hostname to your isp when there is no domain on it, and with the last one, no reason to do rfc1918 ptr upstream.
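The two forwarder options recommended in the post above keep bare hostnames and RFC 1918 reverse lookups from being sent to the ISP's resolver. The following is an added example, not part of the original post and not pfSense's own code: a Python check that flags such queries in a log of DNS queries seen leaving for the upstream resolver. The log format, function names and sample entries are constructed for illustration.

```python
import ipaddress

# RFC 1918 private IPv4 ranges
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def private_ptr_address(qname):
    """Return the IPv4 address behind an in-addr.arpa name if it is RFC 1918, else None."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        # PTR names carry the octets in reverse order
        addr = ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ipaddress.AddressValueError:
        return None
    return addr if any(addr in net for net in RFC1918) else None

def leak_reason(qname, qtype):
    """Explain why a query should not have been forwarded upstream, or return None."""
    name = qname.rstrip(".")
    if qtype == "PTR":
        addr = private_ptr_address(name)
        return f"private reverse lookup for {addr}" if addr else None
    if "." not in name:
        return "bare hostname with no domain"
    return None

def upstream_leaks(log):
    """log: iterable of (qname, qtype) pairs seen leaving for the upstream resolver."""
    return [(q, t, r) for q, t in log if (r := leak_reason(q, t))]

# Constructed sample log; host names and the address are the ones used in this thread.
SAMPLE_LOG = [
    ("TEXT-10", "A"),                       # bare hostname typed into a browser
    ("pfsense.local.lan.", "A"),            # fully qualified, not covered by the two options
    ("253.1.168.192.in-addr.arpa", "PTR"),  # reverse lookup of a private address
    ("8.8.8.8.in-addr.arpa", "PTR"),        # public reverse lookup, fine to forward
    ("www.example.com", "A"),
]

if __name__ == "__main__":
    for qname, qtype, reason in upstream_leaks(SAMPLE_LOG):
        print(f"{qtype:4} {qname:30} {reason}")
```
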


Posted

So - didn't have safari installed..  Grabbed it so could do this simple test, see my tplink alias from my dns listing in the above post

 

post-14624-0-69242500-1392041694.png

 

keep in mind, my box is in the local.lan domain - and will add it to search..

 

So here is sniff of it finding that.. I flushed my local cache with ipconfig /flushdns and then opened safari again

 

post-14624-0-13391300-1392041535.png

 

Notice how it does a fqdn lookup vs just netbios broadcast..  My machine is in that domain, and local.lan is in the search suffix list

 

post-14624-0-39393800-1392041624.png


Posted

Cheers budman, that sorted it. It makes sense too! The entries weren't being entered into my DNS in the first place!

 

I do have a question regarding the host override image you posted though, why would I need these? I don't have any entries in this section. Is it because you aren't using pfSense as your dhcp server?

 

Cheers,

 

rancid


Posted

Many of my devices are not dhcp, some that are in there are with reservations.  For example that brother entry is my printer - it's static, so I put an entry into dns for it.  I have aliases for some devices, etc.

 

Doesn't hurt anything to have the entries in there even if they are pulling IPs from dhcp - But since I assign most of my devices specific IPs either static on the device or through a reservation I like to have the dns in there so it resolves to the IP be it there is a dhcp lease or not active for that device.


Posted

I'm having problems similar to this again budman, could I trouble you for some assistance?
 
My hostnames are not resolving in my browser again. I have double checked my pfsense setup is as you depicted above, my clients are pointing towards the right DNS address for the pfsense box but I just keep getting google!
 
Extract from wireshark capture:

 

client is .157 DNS is .250.

 

* to be precise I used to just type in the hostname in the browser command line and be redirected to whatever full address the host is serving

 

for example type: "pfsense" end up at "https://pfsense/" automatically. Why, when I type a hostname am I being redirected to a google search of said hostname now?!

 

All servers are assigned by dhcp and the "Register DHCP static mappings in DNS forwarder" is ticked.

 

Any ideas?

 

Cheers,

 

rancid


Posted

Why would you think hostname should resolve? That is not fully qualified. That is BAD habit to think that a host name should resolve like that.

From a cmd line using say dig or nslookup do your hosts resolve? Where is extract from wireshark? I don't see anything?

Now pfsense will answer those, if they are in your host file in pfsense, and those get added in via different ways, over ride, dhcp reservation, etc.

post-14624-0-03194300-1415400040.png

But what I would suggest you do is just create a bookmark that is FQ to your pfsense, or any other hosts you want to resolve on your local network - and use FQDN when you want to access stuff.

post-14624-0-27898000-1415400192.png

post-14624-0-41353300-1415400198.png

So validate that fqdn resolves

C:\>ping pfsense.local.lan

Pinging pfsense.local.lan [192.168.1.253] with 32 bytes of data:

Reply from 192.168.1.253: bytes=32 time<1ms TTL=64

When you use fqdn does it resolve??


Posted

Yeah, always try to use the FQDN of a device, because it stops Safari (And probably every other browser now) doing searches for them.

Safari and Firefox show the exact same behaviour now, entering a bare hostname does a Google search. If you want to connect you either need to tell it that it's a hostname (So they look it up via DNS) or use the FQDN variant.


Posted

Why would you think hostname should resolve? That is not fully qualified. That is BAD habit to think that a host name should resolve like that.

From a cmd line using say dig or nslookup do your hosts resolve? Where is extract from wireshark? I don't see anything?

Now pfsense will answer those, if they are in your host file in pfsense, and those get added in via different ways, over ride, dhcp reservation, etc.

But what I would suggest you do is just create a bookmark that is FQ to your pfsense, or any other hosts you want to resolve on your local network - and use FQDN when you want to access stuff.

So validate that fqdn resolves

C:\>ping pfsense.local.lan

Pinging pfsense.local.lan [192.168.1.253] with 32 bytes of data:

Reply from 192.168.1.253: bytes=32 time<1ms TTL=64

When you use fqdn does it resolve??

I think that because that is how it has always worked up until recently.

 

Using nslookup from my mac the hostname 'pfsense' resolves. Apologies the wireshark screen grab apparently didn't work. Sending this from my mac atm so don't have it on here. Will edit the original post later when I have access to my pc again.

 

I do have bookmarks setup, I just tend to use keyboard and type where I want to go in the command bar. No reason for this, just the way I apparently prefer to navigate.

 

From my mac (and presumably everything else) both 'ping pfsense' and 'ping FQDN' work.

 

 

Yeah, always try to use the FQDN of a device, because it stops Safari (And probably every other browser now) doing searches for them.

Safari and Firefox show the exact same behaviour now, entering a bare hostname does a Google search. If you want to connect you either need to tell it that it's a hostname (So they look it up via DNS) or use the FQDN variant.

 

When you say 'now', has there been a change in the way the browser handles this recently? I use firefox and as I said, previously, I had always got to the server using just the hostname.

 

It's really not a massive issue, it's just I had gotten used to that way of working, and I thought I had messed up something in my setup to cause the change!

 

Cheers,

 

rancid


Posted

I'm running a nightly build so I see the changes a few months before they hit the release build :laugh: It's coming though, should be in 34 or 35.

Firefox does auto-complete to the FQDN variant if you've visited it though, I had to manually change it back to the bare hostname to get it to do the search (And even then it asked if I meant to connect to a device by that name)


Posted

Does not matter what a browser does or doesn't do for searching or autocompletion. Using just hostname to resolve is BAD habit!! Be it used to work or not, it's still a bad habit - FQDN should always be used. To be honest normal dns should not resolve that since it's not fully qualified. Now you would have to resolve on netbios resolution either via wins or broadcast, etc.

I would suggest you start typing out your FQDN ;)


Posted

Thanks both of you. Perhaps I should use this to get out of my bad habit!

 

@Budman

Why do you have a subdomain for your lan? I think mine is just hostname.localdomain, you seem to be using hostname.local.lan. Just curious.

 

Cheers,

 

rancid


Posted

Sorry budman, I can't seem to edit my earlier post. Here is the wireshark screen grab I tried to post last time.

 

rancid

post-283916-0-66975600-1415463006.png


Posted

so you did a query for pfsense.localdomain.  And got a response.  So did add a search suffix, is it correct is the ??

 

Is localdomain your domain?  That is single label domain and again a bad habit..  Use something better like pfsense.local.domain or pfsense.home.localdomain or pfsense.home.lan or pfsense.rancid.lannet, when you use single label you're at a tld, and can have issues just using tld.
