Recommended Posts

Interesting one for you all, anyone know me what is going on?

 

Background: I have just purchased a new mac - an entirely new experience for me actually, having only had PC's before.

 

I have noticed that the mac won't resolve my hostnames on my pfsense local DNS, not completely anyway. A little explanation:

 

Hostname 1: pfsense

Works on both windows and mac when typing in the url bar of a browser.

 

Hostname 2: TEXT-10

Only works on windows based browser when typed in the url bar. Mac just sends me off on a google search.

 

Could this be because of the '-' in the second hostname? I don't know why it wouldn't resolve one when it's perfectly happy with the other.

 

I'm probably missing some information for a diagnosis but since I don't know what im looking for I thought I would keep it relatively short and sweet. Happy to provide any more information if anyone has any ideas :)

 

Cheers all.

 

rancid

 

 

Link to comment
https://www.neowin.net/forum/topic/1199233-local-dns-mac-differences/
Share on other sites

What is the fqdn of the hosts?  What is the domain your mac is in?

 

nslookup is a valid tool on mac

https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nslookup.1.html

 

I would suggest you use it to validate if a fqdn resolves or not from the mac.

 

- is a valid character for host names be it dns or even netbios only.  Atleast in MS specification of netbios names.  I am not aware if macs broadcast like a windows box will do? for a host name..

 

So simple sniff shows that windows will broadcast for something that is not resolvable.. So you see here that I put testhostname in my browser address bar, my machine queries my dns adding the domain local.lan - dns returns hey can not find that, so then the box broadcasts for the hostname

 

post-14624-0-42908100-1391557703.png

 

post-14624-0-60995500-1391557858.png

 

I would do the same thing if trying to determine what your mac does when you put your host name in the browser window to find out how its its asking, and where its asking and if it broadcasts for it, etc.

Update: There seems to be a well known issue with macs accessing windows (non-mac) hosts by hostname -and not much by way of obvious solution. I am pushed for time at the moment so I have just stuck an entry into the hosts file for the time being. This has sorted the resolving. Not very elegant though and only a temp solution so I will look into it further in the not too distant future.

 

FYI I can successfully ping TEXT-10.local - fairly sure I tried that before the hosts entry!.

 

Further troubleshooting to follow.

 

Cheers,

 

rancid

I have a similar problem - in my case it wasn't a DNS problem, but a Safari glitch. Safari doesn't seem to recognise non FQDN addresses, instead just redirecting to a Google search as if you were looking for whatever word you were typing.

For example, if I type "lightwave" it will take me to a google search for home, rather than http://lightwave. I guess it's just a downside to having a combined address and search bar.

Pinging lightwave will always work fine, however.

Sounds like a little edit of the hosts file may work for you too.

 

Just remember you will have to manually update the IP if/when it changes, you will also have to do this on all macs individually.

 

Not ideal, hence wanting to find the time to further look into it.

 

I don't think it's a safari issue as such, try out the hosts file edit and see if it works. Either way, needs more looking into what is going on as per budman's suggestion above to see what the mac is actually doing.

 

I will keep this thread updated as I find out more info.

 

Cheers,

 

rancid

Why would you be using host files?  Just put your machines into your dns - I am guessing your routers dns is just blows chucks?  Then run your own - its quite simple to just download BIND and run a real dns server, and support of dynamic updates from your clients.

 

Or just grab http://tftpd32.jounin.net/ it has dhcp server, dns, etc.. etc.. It allows for static dhcp (reservations) etc..  So your machines would always get the same IP - and therefore you have no need to change any "host" file.

OS X can do NetBIOS name lookups, but I'm pretty sure it keeps it separate from normal DNS lookups, so something like connecting to an SMB share will work, but trying the same name in Safari would probably fail. That said, Safari doesn't seem to accept plain hostnames (falls back to Google search), you need to provide a FQDN for them (Yet another reason to use a central DNS setup)

@budman

My current problem is understanding. I literally do not understand what is going on, and as I have said time to learn is limited at the moment.

As far as I was aware, and I think I mentioned previously, I am running my own DNS from pfSense.

@the_decryptor

That sounds like what a brief Google search seemed to be saying yesterday. Note though that that safari does work just entering 'pfsense' (not a FQDN). This leads me to think that something else is going on.

I just tried Safari again, seems it will connect to a plain hostname if it's already in the history, otherwise it defaults to a search (Although you can force it via the dropdown, one of the options is "Go to")

So for me, "openwrt" goes to Google, "openwrt.lan" loads my router page, but going to "openwrt" manually then stops Safari doing a search next time. Firefox on the other hand works fine since it tries hostnames first, then doing a search if it fails.

Well perfect, if your running pfsense - just create whatever dns records you need

 

post-14624-0-65105400-1392040458.png

 

If pfsense is also your dhcp server - then have it register those entries

 

post-14624-0-71948900-1392040553.png

 

I would also suggest the bottom two checkmarks - so that your not forwarding say hostname to your isp when there is no domain on it, and would last one no reason to do rfc1918 ptr upstream.

So - didn't have safari installed..  Grabbed it so could do this simple test, see my tplink alias from my dns listing in the above post

 

post-14624-0-69242500-1392041694.png

 

keep in mind, my box is in the local.lan domain - and will add it to search..

 

So here is sniff of it finding that.. I flushed my local cache with ipconfig /flushdns and then opened safari again

 

post-14624-0-13391300-1392041535.png

 

Notice how it does a fqdn lookup vs just netbios broadcast..  My machine is in that domain, and local.lan is in the search suffix list

 

post-14624-0-39393800-1392041624.png

Cheers budman, that sorted it. It makes sense too! The entries weren't being entered into my DNS in the first place!

 

I do have a question regarding the host override image you posted though, why would I need these? I don't have any entries in this section. Is it because you aren't using pfSense as your dhcp server?

 

Cheers,

 

rancid

Many of my devices are not dchp, some are that are in there are with reservations.  For example that brother entry is my printer - its static, so I put a entry into dns for it.  I have aliases for some devices, etc.

 

Doesn't hurt anything to have the entries in there even if they are pulling IPs from dhcp - But since I assign most of my devices specific IPs either static on the device or through a reservation I like to have the dns in there so it resolves to the IP be it there is a dhcp lease or not active for that device.

  • 8 months later...

Im having problems similar to this again budman, could I trouble you for some assistance?
 
My hostnames are not resolving in my browser again. I have double checked my pfsense setup is as you depicted above, my clients are pointing towards the right DNS address for the pfsense box but I just keep getting google!
 
Extract from wireshark capture:

 

client is .157 DNS is .250.

 

* to be precise I used to just type in the hostname in the browser command line and be redirected to whatever full address the host is serving

 

for example type: "pfsense" end up at "https://pfsense/" automatically. Why, when I type a hostname am I being redirected to a google search of said hostname now?!

 

All servers are assigned by dhcp and the "Register DHCP static mappings in DNS forwarder" is ticked.

 

Any ideas?

 

Cheers,

 

rancid

Why would you think hostname should resolve? That is not fully qualified. That is BAD habit to think that a host name should resolve like that.

from a cmd line using say did or nslookup do your hosts resolve? Where is extract from wireshark? I don't see anyting?

Now pfsense will answer those, if they are in your host file in pfsense, and those get added in via different ways, over ride, dhcp reservation, etc.

post-14624-0-03194300-1415400040.png

But what I would suggest you do is just create a bookmark that is FQ to your pfsense, or any other hosts you want to resolve on your local network - and use FQDN when you want to access stuff.

post-14624-0-27898000-1415400192.png

post-14624-0-41353300-1415400198.png

So validate that fqdn resolves

C:\>ping pfsense.local.lan

Pinging pfsense.local.lan [192.168.1.253] with 32 bytes of data:

Reply from 192.168.1.253: bytes=32 time<1ms TTL=64

When you use fqdn does it resolve??

Yeah, always try to use the FQDN of a device, because it stops Safari (And probably every other browser now) doing searches for them.

Safari and Firefox show the exact same behaviour now, entering a bare hostname does a Google search. If you want to connect you either need to tell it that it's a hostname (So they look it up via DNS) or use the FQDN variant.

  On 07/11/2014 at 22:44, BudMan said:

Why would you think hostname should resolve? That is not fully qualified. That is BAD habit to think that a host name should resolve like that.

from a cmd line using say did or nslookup do your hosts resolve? Where is extract from wireshark? I don't see anyting?

Now pfsense will answer those, if they are in your host file in pfsense, and those get added in via different ways, over ride, dhcp reservation, etc.

attachicon.gifhostfilepfsense.png

But what I would suggest you do is just create a bookmark that is FQ to your pfsense, or any other hosts you want to resolve on your local network - and use FQDN when you want to access stuff.

attachicon.gifshortcut.png

attachicon.gifinbrowser.png

So validate that fqdn resolves

C:\>ping pfsense.local.lan

Pinging pfsense.local.lan [192.168.1.253] with 32 bytes of data:

Reply from 192.168.1.253: bytes=32 time<1ms TTL=64

When you use fqdn does it resolve??

I think that because that is how it has always worked up until recently.

 

Using nslookup from my mac the hostname 'pfsense' resolves. Apologies the wireshark screen grab apparently didn't work. Sending this from my mac atm so don't have it on here. Will edit the original post later when I have access to my pc again.

 

I do have bookmarks setup, I just tend to use keyboard and type where I want to go in the command bar. No reason for this, just the way I apparently prefer to navigate.

 

From my mac (and presumably everything else) both 'ping pfsense' and 'ping FQDN' work.

 

 

  On 08/11/2014 at 02:03, The_Decryptor said:

Yeah, always try to use the FQDN of a device, because it stops Safari (And probably every other browser now) doing searches for them.

Safari and Firefox show the exact same behaviour now, entering a bare hostname does a Google search. If you want to connect you either need to tell it that it's a hostname (So they look it up via DNS) or use the FQDN variant.

 

When you say 'now', has there been a change in the way the browser handles this recently? I use firefox and as I said, previously, I had always got to the server using just the hosname.

 

It's really not a massive issue, it's just I had gotten used to that way of working, and I thought I had messed up something in my setup to cause the change!

 

Cheers,

 

rancid

I'm running a nightly build so I see the changes a few months before they hit the release build :laugh: It's coming though, should be in 34 or 35.

Firefox does auto-complete to the FQDN variant if you've visited it though, I had to manually change it back to the bare hostname to get it to do the search (And even then it asked if I meant to connect to a device by that name)

Does not matter what a browser does or doesn't do for searching or autocompletion. Using just hostname to resolve is BAD habit!! Be it use to work or not, its still a bad habit - FQDN should always be used. To be honest normal dns should not resolve that since its not fully qualified. Now you would have to resolve on netbios resolution either via wins or broadcast, etc.

I would suggest you start typing out your FQDN ;)

Thanks both of you. Perhaps I should use this to get out of my bad habit!

 

@Budman

Why do you have a subdomain for your lan? I think mine is just hotname.localdomain, you seem to be using hostname.local.lan. Just curious.

 

Cheers,

 

rancid

so you did a query for pfsense.localdomain.  And got a response.  So did add a search suffix, is it correct is the ??

 

is localdomain your domain?  That is single label domain and again a bad habit..  Use something better like pfsense.local.domain or pfsense.home.localdomain or pfsense.home.lan or pfsense.rancid.lannet, when you use single label your at a tld, and can have issues just using tld.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • They already are small. Have you seen the size of Linux icons?
    • I thought I could download the ringtone.
    • Foxconn to make iPhone casings in India as Apple shifts more production from China by Sagar Naresh Bhavsar It was recently reported that Donald Trump was unhappy with Tim Cook and threatened Apple with a 25% tariff if iPhones weren't produced in America. While the exact reason is unclear, some speculated that Trump's anger had to do with Cook skipping the Middle East trip with him, which was attended by other major company CEOs. Many believed that Apple came under the radar because of its plans for a $1.5 billion iPhone production plant in India. True or not, Apple is facing a tough situation as Trump has already imposed hefty tariffs on China, where the majority of iPhones are made. In a move to reduce dependence on China, Apple planned to shift its production from China to India, where tariffs are relatively lower. In line with this, a fresh report by The Economic Times suggests that Apple's iPhone assembler, Foxconn, has decided to start producing iPhone casings in India. Sources claim that a new unit is being planned at the ESR Industrial Park in Oragadam, Tamil Nadu. The area is close to the upcoming display module manufacturing plant. Until now, Tata Electronics was the one producing iPhone casings in India. However, Foxconn, which was assembling iPhones in the country at its plant in Sriperumbudur, will start making iPhone casings as well. This move suggests that Foxconn is helping Apple move more production out of China to India. Prabhu Ram, vice president, industry research group, CyberMedia Research, said, Foxconn has already ramped up its India push. The company recently started production of Apple AirPods in Hyderabad for exports and is also setting up an iPhone production plant in Bengaluru. Casings only make up about 2-3% of the total iPhone cost, making them locally helps Apple reduce costs, and also helps avoid hefty tariffs.
    • I loved the initial compact Start Menu present in Windows 10. It was tiny, awesome and super fast without any Store apps clutter.
    • BBC threatens Perplexity with legal action over content scraping by Paul Hill Image via Depositphotos.com The UK’s public broadcaster, BBC, has written a letter to Perplexity, the AI search startup, asking it to stop scraping articles from its websites, delete existing copies of content, and propose some sort of financial compensation if it would like to carry on scraping data. If the demands are not met, BBC may seek an injunction against the startup citing alleged misuse of its intellectual property. BBC is probably responding in this way because it has seen other news organizations cement deals with firms like OpenAI and Mistral. The income stream allows news organizations to raise more funds and also cover the costs of the extra load on their servers caused by AI scraping. For anybody not familiar with Perplexity, it’s a bit like ChatGPT but has a much stronger emphasis on searching the web to find information. You can ask it anything you want to know about and it very quickly searches online and constructs a specific response to your question based on what it has found. The company offers many of its features for free, but does have Perplexity Pro, which costs money. Essentially, Perplexity is making money from publishers by using their content to improve its own product, but not paying them all. Perplexity's defense and existing publisher programs In a statement to the Financial Times, Perplexity labeled the BBC’s claims as "manipulative and opportunistic". The startup accused the broadcaster of having “a fundamental misunderstanding of technology, the internet and intellectual property law.” This is not the first time Perplexity has had a run-in with the media. Forbes and Wired accused it of plagiarizing content from their websites and The New York Times sent the company a cease and desist notice to stop using its content for AI purposes. To assuage publishers, Perplexity has set up a revenue sharing program, which includes TIME, Fortune, Der Spiegel, and others. According to Digiday, the revenue share was up to 25%. It’s not clear if BBC has tried engaging through this avenue or if it wants to try to squeeze the startup for a bigger slice. The escalating battle over AI and intellectual property Even if you only keep up with AI developments in passing, you’ll likely have seen that AI models need to be trained on vast amounts of data, much of which is copyrighted. There is an ongoing debate about whether these companies should be allowed to train on this data, or first seek out permission from the copyright holders. The move from the BBC could spur other publishers on to try and get themselves a better deal from Perplexity. Alternatively, Perplexity could remove BBC content from its platform and stop pulling information from there. It could probably find most of the information elsewhere, but if Perplexity tried to pull this too much it would eventually end up pretty useless with not a lot of content. Overall, this is just one of many ongoing legal issues surrounding AI, but once a conclusion has been reached, it could set a precedent about how AI companies should go about getting content from publishers. Source: FT via Reuters
  • Recent Achievements

    • One Month Later
      KynanSEIT earned a badge
      One Month Later
    • One Month Later
      gowtham07 earned a badge
      One Month Later
    • Collaborator
      lethalman went up a rank
      Collaborator
    • Week One Done
      Wayne Robinson earned a badge
      Week One Done
    • One Month Later
      Karan Khanna earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      678
    2. 2
      ATLien_0
      274
    3. 3
      Michael Scrip
      220
    4. 4
      +FloatingFatMan
      171
    5. 5
      Steven P.
      160
  • Tell a friend

    Love Neowin? Tell a friend!