Posts

Append search domains not working Apple MAC OS X Yosemite 10.10

I experienced this problem when I upgraded to Apple Mac OS X Yosemite 10.10: appending DNS search domains failed to work. You also need to ensure you are running the 10.10.1 update. For example, if you have your own domain “company.net” and you want to ping a host called “demo.company.net”, you can just use the (non-qualified) hostname “demo”.

If you have a host called app01.corp.company.net, whether or not you can use “app01.corp” as a short name depends on how your operating system is configured.

In Mac OS X (Yosemite), DNS resolution of such names won’t work because the search domain is not appended. If the hostname you try to use has a dot (.) in it, OS X will always assume it’s an FQDN and won’t try to append your default search domain.
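The expansion rule described above can be modelled in a few lines of shell. This is an added example, not code from the original post or from Apple's resolver: the `candidates` and `would_try` functions, the `ALWAYS` argument (standing in for the AlwaysAppendSearchDomains setting that the fix below adds) and the order in which names are tried are assumptions of this simplified model.

```shell
#!/bin/sh
# Simplified model of search-domain expansion (added example; not resolver code).
# Usage: candidates NAME ALWAYS SEARCH_DOMAIN...
#   ALWAYS=1 models the AlwaysAppendSearchDomains setting, 0 the default.
# Prints, one per line, the fully qualified names that would be tried.
# The ordering is an assumption of this model.
candidates() {
    name=$1 always=$2
    shift 2
    case $name in
        *.)
            # Trailing dot: already absolute, never expanded.
            printf '%s\n' "$name"
            ;;
        *.*)
            # Contains a dot: treated as an FQDN and tried as-is.
            printf '%s.\n' "$name"
            if [ "$always" = 1 ]; then
                for d in "$@"; do printf '%s.%s.\n' "$name" "$d"; done
            fi
            ;;
        *)
            # Single label: search domains are appended.
            for d in "$@"; do printf '%s.%s.\n' "$name" "$d"; done
            printf '%s.\n' "$name"
            ;;
    esac
}

# would_try NAME ALWAYS FQDN SEARCH_DOMAIN...
# Succeeds if FQDN (with trailing dot) is among the candidates for NAME.
would_try() {
    wt_name=$1 wt_always=$2 wt_fqdn=$3
    shift 3
    candidates "$wt_name" "$wt_always" "$@" | grep -qxF "$wt_fqdn"
}

# Constructed sample input, using the names from the post.
for flag in 0 1; do
    echo "always=$flag app01.corp ->" $(candidates app01.corp "$flag" company.net)
done
```

In this model, turning the setting on means every dotted name is also looked up under each search domain, so a lookup for an external name can produce a query such as www.example.com.company.net against the internal domain's servers.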

There is an easy way to fix this behaviour: follow the instructions below and have fun.

Here we go:

  • Back up /System/Library/LaunchDaemons/com.apple.discoveryd.plist
  • Edit com.apple.discoveryd.plist to include the “--AlwaysAppendSearchDomains” setting. You can use any text editor you like; just don’t forget to use elevated privileges via sudo. If you know vi(m), or nano:

  • You need to add --AlwaysAppendSearchDomains to the ProgramArguments array. In my copy, it was around line 11. Eg:

  • Reload the discoveryd service:

  • Append DNS Broken in OS X El Capitan

    Here’s how to fix it:

How to use Dig for DNS troubleshooting

Some really neat tricks for troubleshooting DNS using Dig and other tools. Please see below, and let me know if there are any other tricks you would like to see.

How to check nameserver for a domain-name using Dig?

Just return the DNS without all the verbose output using Dig

If you add +short to the end of the query, it will omit all the verbose output and give you something like the below:

How to list all DNS records in a domain using Dig?

Query against different DNS servers using Dig?

The example below shows how you can have dig query a different DNS server rather than your system default:

How to track a DNS propagation change across global DNS servers

You can use this really cool website, which allows you to track a DNS change you have made and see how far it has propagated:
https://www.whatsmydns.net/

DNS Reverse Look-up

Bulk DNS Query

Query multiple websites using a file with DNS names:
You can perform a bulk DNS query based on the data from a file.

First, create a sample dnsnames.txt file that contains the websites that you want to query.

Next, execute dig -f as shown below, which will perform a DNS query for each of the websites listed in the dnsnames.txt file and display the output.

You can also combine record type with the -f option. The following example displays the NS records of multiple websites that are located in the dnsnames.txt file.

Block domain name with DNS Inspection

Let’s assume that you want to block DNS queries for amazon.com on the LAN interface. Below is the solution you can configure on a Cisco ASA version 8.2+ using a class-map and DNS inspection: