Search Again: dns problem resolution? From: Jody McAlister Date: Monday, November 1, 2004 Time: 2:20:49 pm The mac os x server list just posted this message regarding dns lookups. they've been basically having the same thread that we had last week. I haven't tried it yet. I'm posting so maybe men and mice can confirm before I start playing with my server. ************************************************************************ ********************************************* (Copied message begins here...) A more complex, but more reliable fix MacFixIt reader Ken has discovered a clever workaround that involves modifying the operation of Mac OS X's "named" daemon -- the DNS server that is part of the BIND set of UNIX DNS utilities. The theory behind why this fix works is as follows: root domain servers appear to have recently been given IPv6 capability, and are now returning AAAA records in response to name lookups. Ken writes "The simple upshot is that for whatever reason, the first time named tries to go do a DNS query, it seems to decide to try sending to an IPV6 server address, which is pretty much guaranteed to fail for most users. Eventually this times out and it retries, but by that time Safari has usually given up on resolving the address and you get an error. The second time you try it, the correct address has already been cached by the system and everything works. "I found that a very simple fix (if you don't mind editing OS config files) was to modify the /System/Library/StartupItems/BIND/BIND file to add the '-4' option to named, which forces it to only use IPV4. For example, the first part of the file normally looks like this: StartService () { if [ "${DNSSERVER:=-NO-}" = "-YES-" ]; then ConsoleMessage "Starting named" named fi } I changed the above to: StartService () { if [ "${DNSSERVER:=-NO-}" = "-YES-" ]; then ConsoleMessage "Starting named" named -4 fi } "You should probably do the same thing for the RestartService section in the file. You'll either need to restart named by hand with the new option, or simply reboot your system to have the above take effect (probably the safest thing to do). I haven't yet tried digging into the BIND code deeply enough to determine why it seems to favor IPV6 address over and over again even though it never gets a valid response. It appears as though there is some code within BIND to sort the servers on response time, but IPV6 servers seem to always wind up at the front of the list."

Messages In This Thread: dns problem resolution? by Jody McAlister on Nov 1, 2004 at 2:20:49 pm Re: dns problem resolution? by Men & Mice Support on Nov 1, 2004 at 2:52:12 pm Re: dns problem resolution? by Jody McAlister on Nov 1, 2004 at 3:37:30 pm Re: dns problem resolution? by Scott Haneda on Nov 1, 2004 at 3:45:23 pm Re: dns problem resolution? by Jody McAlister on Nov 4, 2004 at 10:37:32 am Re: dns problem resolution? by Men & Mice Support on Nov 4, 2004 at 12:09:36 pm Re: dns problem resolution? by Jody McAlister on Nov 4, 2004 at 2:04:16 pm Re: dns problem resolution? by Men & Mice Support on Nov 4, 2004 at 2:33:26 pm Re: dns problem resolution? by John May on Nov 4, 2004 at 3:46:25 pm Re: dns problem resolution? by Men & Mice Support on Nov 4, 2004 at 4:06:33 pm Re: dns problem resolution? by Thomas Carpentier on Nov 5, 2004 at 1:50:43 am Re: dns problem resolution? by Men & Mice Support on Nov 5, 2004 at 11:22:34 am Re: dns problem resolution? by Jim Cobb on Nov 5, 2004 at 11:55:11 am Re: dns problem resolution? by John May on Nov 5, 2004 at 12:03:37 pm Re: dns problem resolution? by Men & Mice Support on Nov 5, 2004 at 12:33:34 pm Re: dns problem resolution? by John May on Nov 5, 2004 at 1:11:41 pm Re: dns problem resolution? by Men & Mice Support on Nov 5, 2004 at 2:08:02 pm