This article is at best misguided. OS X 10.10 DNS is not broken, it is working as intended - just differently from the past. Standards have changed and many haven't noticed.
All of the bugs cited have to do with ".local" domains. You should never use .local domains as IANA has designated this domain as a special use domain for Multicast DNS as part of IP Zeroconf and Bonjour.
http://tools.ietf.org/html/rfc6762
Yosemite has split the job of unicast and multicast DNS up such that you cannot resolve single-label .local domains with unicast DNS anymore; you MUST use multicast. This is why hosts will resolve with nslookup or dig but not ping. The old behavior with mDNSresponder was arguably legacy backwards compatibility for unicast DNS resolution of .local hosts.
(I figured this out the hard way over a weekend using the Googles when my local VMs weren't resolving properly via dnsmasq - my fortunes changed when I looked into ".local").
There is one remaining problem with Yosemite DNS I haven't figured out yet, and that's getting unicast DNS resolution via dnsmasq while offline. Frustrating.
This most likely has to do with your DNS server. Try to change it to another one (e.g. Google's 8.8.8.8 or OpenDNS's 208.67.222.222) and see if it gets better.
Had the same problem popping up just after upgrading to Yosemite.
Decided to do a clean install a couple of months ago as I saw other machines on my network didn't have this problem. After the clean install things are working out as expected again.
Not what I really wanted (checked quite a bit around for a solution without finding any), but at least I don't have this happening multiple times a day.
That sounds like a good reason/background story for Apple to change the existing mDNSresponder, but how are the issues in the article not signs of 10.10 being broken? (The article was written before 10.10.2 was released, so some bugs might have been fixed.)
I think the only misguided part was to encourage people to replace system files.
The counter argument to this is that the RFC is exceedingly new, and directly from Apple. Microsoft has been using .local in example (and recommending them for production) AD builds for a decade. I see what Apple is going for, and I don't mind the idea, but the practical results are frustrating and pointless.
The approved standard RFC is new but the proposal RFC and the practice of using .local for mDNS, like the convention of using .local for AD, goes back more than a decade. I agree that the whole thing is silly and pointless but it's not clear who "barged in" on whom.
In my experience, discoveryd is at best at about the quality of beta software. With some regularity on several different Macs on different networks, it completely loses the ability to resolve names. Kill it and let launchd restart it, and suddenly names resolve again.
Another Yosemite daemon addition, recentsd, had serious issues (for example: substantial memory leaks when interacting with Mail.app) until 10.10.2.
Apple has gotten very good at eliminating crashes. They're obviously using the reporting mechanism there to great effect. But at the same time, Console.app has never been noisier, and failures that don't result in crashes seem to linger far too long.
They've also become, it seems, far more dependent on an "orchestra" of daemon processes to perform tasks that in the past would have been implemented in passive frameworks used separately by each app. That adds complexity of coordination, and meanwhile a single failure can affect every "client" app on the system.
Then simply run `restart-discoveryd` when you can't seem to ping google.com. I always struggle to remember how to start/stop things with launchd, so this is my little shortcut.
I am not sure I understand what this command does, even after reading the man page for discoveryutil. Does it just restart any queries that have not been resolved, or does it restart the process as does my command? If it's the former, how does it work to fix whatever issues discoveryd is having?
In my short time poking around, my belief is discoveryd gets wedged into a state where it thinks DNS queries aren't resolving, and so it doesn't try to resolve them. I'm not sure what exactly is going on there, either all the queries are blocked somehow on some long-lived query that has no response and no timeout, or discoveryd thinks the network is broken and is waiting for it to come back (those are just guesses). Either way, the command tells discoveryd to restart any outstanding "questions" (which presumably means queries). When I had the issue, that was sufficient to flush out whatever it was that was blocking everything, as my machine instantly started working properly again.
I ran into the same problem with Yosemite when offline in a plane this weekend. I'm using the same setup as you except I have .dev instead of just dev.
I've searched high and low after reading your reply, trying for an hour to jog my memory of how I got that to work.
Well, I found it — quite a few entries in /etc/hosts, made at 02:30 AM, together with unflattering comments about the parents of those responsible for Yosemites new DNS subsystem...
So sorry for getting your hopes up! I have no idea how I could have misremembered all that so badly.
Are you sure that intermittent failure to name-resolve can solely be attributed to the handling of .local domains? It seems that if that was the case, the failures would be more deterministic
> All of the bugs cited have to do with ".local" domains. You should never use .local domains as IANA has designated this domain as a special use domain for Multicast DNS as part of IP Zeroconf and Bonjour. http://tools.ietf.org/html/rfc6762
That may be the official standard, but .local is a very common, de facto standard. Products need to be compatible with reality.
Just glancing at the RFC, is my impression correct that in February 2013, with .local already widely used for private domains, someone published an RFC appropriating the name for something else? (Could they have used a different name?) They expect the world to change their internal domains in order to accommodate their new idea?
Is there a standard for private second-level domain names? I've never seen one.
"it is working as intended - just differently from the past"
This is blatantly wrong. Any device on my network (which uses .lan as a suffix) that sleeps (including Apple TVs) gets the dreaded "(2)" (or 3, 4, 7), before I started disabling "Wake for Network Access".
Yes, things are different. But don't pretend that we're just "doing/holding it wrong". There are things that are -very- broken.
I had the "<hostname> is already in use" problem, the safari not able to resolve any hostname and I could not use wake on demand for almost 2 years because of some bug.
Maybe I am unusually unlucky but I agree that the quality of the last OS X releases has clearly got worse.
The problem with apple software is that if it doesn't "just work" there is little to do about it.
I am not so sure about reenabling mDNSResponder. This may cause worse problems.
Their software has improved on the mobile front, it seems that's where all their engineers focus these days. It is sad that mac users long for the stability, speed and simple effectiveness of previous versions.
I wouldn't say that. We are still experiencing the iOS won't connect to wifi bug. The really chaotic thing is that iPhones or iPads of the exact same model and software revision (current iOS 8.1.3) will randomly connect, not connect, or connect long enough to get an ip address then not be able to do anything. It is really getting quite frustrating. We have a Cisco 5807 controller and the 3702e wireless points. Every other OS works just fine. Only having trouble with Apple products and randomly at that.
Agree, having wifi problems myself, pretty much have to restart it on every use and that seems to get me around it until the next time it sleeps. I'm at the point of considering going back to iOS 7 on all my devices.
I'm just baffled because we have (among tens of other devices) two iPhones with the same model number and one works and one doesn't. I have some students very happy and some very unhappy. Its not like I can get logs from these folks to figure out what the difference is.
Because they regularly break. Swiftype, Swype. Keyboards disappear. All sorts of stuff.
And iOS 8 isn't really that much better. I've seen weird screens where all the apps are shown, in different orientations, text rotated while the app maintains a different orientation, in Apple apps and third party.
I downgraded from 10.10 to 10.9 and now my laptop is faster and crashes much less often. I will probably hold on to 10.9 for a few years. At least on this laptop.
To be fair, innovation and replacing battle-hardened^W^Wobsolete system components with new software that's pushing the envelope comes at a cost. Apple are doing the right thing here and at this pace, I can see OSX being ready for the desktop soon. I'm not replacing my Ubuntu box with a Mac just yet, as some of my core productivity apps have a dependency on DNS, but I'll be keeping a close eye on OSX for sure.
What kills me about 10.10 is that OSX doesn't even try to resolve a domain name if you're offline. I run dnsmasq locally, which handles all of my DNS requests, capturing .dev domains (resolving them to 127.0.0.1) and forwarding everything else to Google's servers. This is great as long as I'm connected to WiFi or Ethernet (both are configurable through system preferences) but if I'm travelling and don't have an active network connection - quite frequently, in my case - there's not even an attempt* to hit a DNS server. It just fails.
I'm so desperately need a fix to this that I'm wondering if there's some kind of a dongle I can plug into my ethernet or USB port to fake a LAN, just so I can use dnsmasq.
The only thing stopping me from wiping out OSX and using Linux full time is the necessity of running Sketch and the Adobe/MS Office suite for work purposes. :/
I posted this issue on hn a week or so ago (https://news.ycombinator.com/item?id=8969581).. I tried via AppleCare to escalate this and the response from Apple engineers was that it's expected behaviour.. Also if not for a few key apps I'd be switching to some Linux variant.. Here is a video showing the bug with a comparison of 10.9 and 10.10 https://www.youtube.com/watch?v=3m9OI_AjCx8
I've seen the Safari hangs -- sometimes it won't even open a new (empty!) tab. I knew it had to be network related, but forgot that discoveryd is in 10.10 or I would have suspected DNS right away.
edit: anyone remember how broken DNS would prevent you from being able to completely login to GNOME? That is what this feels like.
I've come to the realisation that I don't trust Apple software much these days. I used to upgrade to the latest version of both phone and computer OS quickly, but these days I'll hold on as long as I can - I'm still on 10.9, and waiting for the inevitable software upgrade that will make me have to pull the trigger.
Yosemite is very solid for me as long as it doesn't have to do with iOS integration. iOS 8 is shit-pure-shit, to the point where even my non-technical mother in law and wife have asked about downgrading. Seriously, random non-technical people I meet talk about how bad iOS 8 is and how they won't upgrade. I haven't seen anything like it since the Windows 9x era.
Yosemite's Finder is a continuous source of errors (move a lot of files and watch it crash, never mind the reversion in Applescript). It also has some problems with connecting to drives on a server.
iOS 8 has had problems in early point releases but it's apprently now on 67% of iOS devices. I've found it a bit more stable and usable than iOS 7 but I am on a 5S and 6.
I'm going in the other direction. Used to always wait one or two versions before upgrading and always doing a clean install. I installed bot Mavericks and Yosemite over the older versions early on without any problems.
I eagerly await a true fix to 10.10's issues with dropping wifi connections. Both Macbooks in my house running 10.10 drop the wifi connection at least 5x/day, often more. My other devices do not experience these drops, and these same machines were just fine on 10.9.
My opinion of Apple's software quality has decreased over the past few months.
My 10.10 used to crash after every VNC session ended. There was no info on Google about this, but there were hundreds of other bugs, seems like everyone has adopted one.
Any chance those two MacBooks are connected to a different wifi basestation than your other devices? I have an issue right now where the base station in my living room regularly drops connections (to any devices) but all the other base stations work just fine.
I believe it has something to do with automatic selection of the 2.4 GHz or the 5 GHz band. Unfortunately, Apple does not provide any API to control which band is selected.
That's the problem with networking, right? That the environments you are running in are so diverse that it's nearly impossible to test all the situations. I'm sure that the Apple testers didn't think it was buggy before they released it but a lot of people are having issues in real world situations where the old system worked fine.
This article is at best misguided. OS X 10.10 DNS is not broken, it is working as intended - just differently from the past. Standards have changed and many haven't noticed.
All of the bugs cited have to do with ".local" domains. You should never use .local domains as IANA has designated this domain as a special use domain for Multicast DNS as part of IP Zeroconf and Bonjour. http://tools.ietf.org/html/rfc6762
Apple has also made this clear here: http://support.apple.com/en-us/HT203136
Yosemite has split the job of unicast and multicast DNS up such that you cannot resolve single-label .local domains with unicast DNS anymore; you MUST use multicast. This is why hosts will resolve with nslookup or dig but not ping. The old behavior with mDNSresponder was arguably legacy backwards compatibility for unicast DNS resolution of .local hosts.
(I figured this out the hard way over a weekend using the Googles when my local VMs weren't resolving properly via dnsmasq - my fortunes changed when I looked into ".local").
There is one remaining problem with Yosemite DNS I haven't figured out yet, and that's getting unicast DNS resolution via dnsmasq while offline. Frustrating.
My Yosemite fails frequently resolving common domain names (.com). Has that something to do with .local domains and how could I fix it?
This most likely has to do with your DNS server. Try to change it to another one (e.g. Google's 8.8.8.8 or OpenDNS's 208.67.222.222) and see if it gets better.
Had the same problem popping up just after upgrading to Yosemite. Decided to do a clean install a couple of months ago as I saw other machines on my network didn't have this problem. After the clean install things are working out as expected again.
Not what I really wanted (checked quite a bit around for a solution without finding any), but at least I don't have this happening multiple times a day.
That sounds like a good reason/background story for Apple to change the existing mDNSresponder, but how are the issues in the article not signs of 10.10 being broken? (The article was written before 10.10.2 was released, so some bugs might have been fixed.) I think the only misguided part was to encourage people to replace system files.
The counter argument to this is that the RFC is exceedingly new, and directly from Apple. Microsoft has been using .local in example (and recommending them for production) AD builds for a decade. I see what Apple is going for, and I don't mind the idea, but the practical results are frustrating and pointless.
No, Microsoft has not been recommending .local, as this document, circa Windows Server 2000, states:
> Identify your organization's DNS owner and determine what registered DNS names you have available on the network that will host Active Directory.
> If you do not have a registered domain name, you should register a name with an Internet DNS registration authority.
https://technet.microsoft.com/en-us/library/bb727085.aspx
>
Actually they've said different things about it:
http://en.wikipedia.org/wiki/.local#Microsoft_recommendation...
The approved standard RFC is new but the proposal RFC and the practice of using .local for mDNS, like the convention of using .local for AD, goes back more than a decade. I agree that the whole thing is silly and pointless but it's not clear who "barged in" on whom.
.local doesn't work in Windows either as of Windows 8.
In my experience, discoveryd is at best at about the quality of beta software. With some regularity on several different Macs on different networks, it completely loses the ability to resolve names. Kill it and let launchd restart it, and suddenly names resolve again.
Another Yosemite daemon addition, recentsd, had serious issues (for example: substantial memory leaks when interacting with Mail.app) until 10.10.2.
Apple has gotten very good at eliminating crashes. They're obviously using the reporting mechanism there to great effect. But at the same time, Console.app has never been noisier, and failures that don't result in crashes seem to linger far too long.
They've also become, it seems, far more dependent on an "orchestra" of daemon processes to perform tasks that in the past would have been implemented in passive frameworks used separately by each app. That adds complexity of coordination, and meanwhile a single failure can affect every "client" app on the system.
For you and others with similar issues, add this to your .bashrc:
Then simply run `restart-discoveryd` when you can't seem to ping google.com. I always struggle to remember how to start/stop things with launchd, so this is my little shortcut.
Or just `killall discoveryd` and let it relaunch on its own.
Try just doing
instead. The one time I had DNS issues (only once!), I ran that command and all of my DNS issues immediately resolved themselves.
I am not sure I understand what this command does, even after reading the man page for discoveryutil. Does it just restart any queries that have not been resolved, or does it restart the process as does my command? If it's the former, how does it work to fix whatever issues discoveryd is having?
It almost certainly does not restart the process.
In my short time poking around, my belief is discoveryd gets wedged into a state where it thinks DNS queries aren't resolving, and so it doesn't try to resolve them. I'm not sure what exactly is going on there, either all the queries are blocked somehow on some long-lived query that has no response and no timeout, or discoveryd thinks the network is broken and is waiting for it to come back (those are just guesses). Either way, the command tells discoveryd to restart any outstanding "questions" (which presumably means queries). When I had the issue, that was sufficient to flush out whatever it was that was blocking everything, as my machine instantly started working properly again.
>DNS is not broken, it is working as intended - just differently from the past.
Yeah, but the rewrite is buggy as rewrites often are. If it worked as intended, I doubt so many people would have so many problems.
I haven't had or heard of anyone having DNS problems personally in 10.10 and I have quite a few clients using it.
I got offline resolution with dnsmasq to work with
and
Odd, that's what I use:
# cat /usr/local/etc/dnsmasq.conf address=/dev/127.0.0.1
# cat /etc/resolver/dev nameserver 127.0.0.1
Instead of your choice of foobar.
Doesn't work offline. Your conf looks like the standard dnsmasq conf anyway, so maybe there's one other flag or configuration that you figured out?
the difference I see is that you are missing a period before "dev" in your dnsmasq.conf
I don't know how to configure dnsmasq at all, so that may not be a problem.
I ran into the same problem with Yosemite when offline in a plane this weekend. I'm using the same setup as you except I have .dev instead of just dev.
I've searched high and low after reading your reply, trying for an hour to jog my memory of how I got that to work.
Well, I found it — quite a few entries in /etc/hosts, made at 02:30 AM, together with unflattering comments about the parents of those responsible for Yosemites new DNS subsystem...
So sorry for getting your hopes up! I have no idea how I could have misremembered all that so badly.
Are you sure that intermittent failure to name-resolve can solely be attributed to the handling of .local domains? It seems that if that was the case, the failures would be more deterministic
Multicast DNS isn't very predictable.
I have no bad experiences with resolving regular domains on Yosemite, but others in this tread have suggested bouncing discoveryd can help.
> All of the bugs cited have to do with ".local" domains. You should never use .local domains as IANA has designated this domain as a special use domain for Multicast DNS as part of IP Zeroconf and Bonjour. http://tools.ietf.org/html/rfc6762
That may be the official standard, but .local is a very common, de facto standard. Products need to be compatible with reality.
Just glancing at the RFC, is my impression correct that in February 2013, with .local already widely used for private domains, someone published an RFC appropriating the name for something else? (Could they have used a different name?) They expect the world to change their internal domains in order to accommodate their new idea?
Is there a standard for private second-level domain names? I've never seen one.
"it is working as intended - just differently from the past"
This is blatantly wrong. Any device on my network (which uses .lan as a suffix) that sleeps (including Apple TVs) gets the dreaded "(2)" (or 3, 4, 7), before I started disabling "Wake for Network Access".
Yes, things are different. But don't pretend that we're just "doing/holding it wrong". There are things that are -very- broken.
I had the "<hostname> is already in use" problem, the safari not able to resolve any hostname and I could not use wake on demand for almost 2 years because of some bug. Maybe I am unusually unlucky but I agree that the quality of the last OS X releases has clearly got worse. The problem with apple software is that if it doesn't "just work" there is little to do about it.
I am not so sure about reenabling mDNSResponder. This may cause worse problems.
Their software has improved on the mobile front, it seems that's where all their engineers focus these days. It is sad that mac users long for the stability, speed and simple effectiveness of previous versions.
Yes, probably OS X is a bit left aside nowadays.
I wouldn't say that. We are still experiencing the iOS won't connect to wifi bug. The really chaotic thing is that iPhones or iPads of the exact same model and software revision (current iOS 8.1.3) will randomly connect, not connect, or connect long enough to get an ip address then not be able to do anything. It is really getting quite frustrating. We have a Cisco 5807 controller and the 3702e wireless points. Every other OS works just fine. Only having trouble with Apple products and randomly at that.
Agree, having wifi problems myself, pretty much have to restart it on every use and that seems to get me around it until the next time it sleeps. I'm at the point of considering going back to iOS 7 on all my devices.
I'm just baffled because we have (among tens of other devices) two iPhones with the same model number and one works and one doesn't. I have some students very happy and some very unhappy. Its not like I can get logs from these folks to figure out what the difference is.
You don't use third party keyboards, then?
Because they regularly break. Swiftype, Swype. Keyboards disappear. All sorts of stuff.
And iOS 8 isn't really that much better. I've seen weird screens where all the apps are shown, in different orientations, text rotated while the app maintains a different orientation, in Apple apps and third party.
I downgraded from 10.10 to 10.9 and now my laptop is faster and crashes much less often. I will probably hold on to 10.9 for a few years. At least on this laptop.
To be fair, innovation and replacing battle-hardened^W^Wobsolete system components with new software that's pushing the envelope comes at a cost. Apple are doing the right thing here and at this pace, I can see OSX being ready for the desktop soon. I'm not replacing my Ubuntu box with a Mac just yet, as some of my core productivity apps have a dependency on DNS, but I'll be keeping a close eye on OSX for sure.
What kills me about 10.10 is that OSX doesn't even try to resolve a domain name if you're offline. I run dnsmasq locally, which handles all of my DNS requests, capturing .dev domains (resolving them to 127.0.0.1) and forwarding everything else to Google's servers. This is great as long as I'm connected to WiFi or Ethernet (both are configurable through system preferences) but if I'm travelling and don't have an active network connection - quite frequently, in my case - there's not even an attempt* to hit a DNS server. It just fails.
I'm so desperately need a fix to this that I'm wondering if there's some kind of a dongle I can plug into my ethernet or USB port to fake a LAN, just so I can use dnsmasq.
The only thing stopping me from wiping out OSX and using Linux full time is the necessity of running Sketch and the Adobe/MS Office suite for work purposes. :/
I've been using my Zyxel travel router to access the internet with my iMac until the wifi issues are resolved.
Do you have a bug number, by chance? (If not, consider filing one at bugreporter.apple.com)
I posted this issue on hn a week or so ago (https://news.ycombinator.com/item?id=8969581).. I tried via AppleCare to escalate this and the response from Apple engineers was that it's expected behaviour.. Also if not for a few key apps I'd be switching to some Linux variant.. Here is a video showing the bug with a comparison of 10.9 and 10.10 https://www.youtube.com/watch?v=3m9OI_AjCx8
I've seen the Safari hangs -- sometimes it won't even open a new (empty!) tab. I knew it had to be network related, but forgot that discoveryd is in 10.10 or I would have suspected DNS right away.
edit: anyone remember how broken DNS would prevent you from being able to completely login to GNOME? That is what this feels like.
I've come to the realisation that I don't trust Apple software much these days. I used to upgrade to the latest version of both phone and computer OS quickly, but these days I'll hold on as long as I can - I'm still on 10.9, and waiting for the inevitable software upgrade that will make me have to pull the trigger.
I miss the Snow Leopard days.
Yosemite is very solid for me as long as it doesn't have to do with iOS integration. iOS 8 is shit-pure-shit, to the point where even my non-technical mother in law and wife have asked about downgrading. Seriously, random non-technical people I meet talk about how bad iOS 8 is and how they won't upgrade. I haven't seen anything like it since the Windows 9x era.
Yosemite's Finder is a continuous source of errors (move a lot of files and watch it crash, never mind the reversion in Applescript). It also has some problems with connecting to drives on a server.
I don't know anyone who doesn't have a paus alternative such as Forklift installed. Finder is probably the worst app Apple ever released.
Well, buying a couple 100 copies of Finder replacements is not seen as a good use of money. Plus, training is an issue.
iOS 8 has had problems in early point releases but it's apprently now on 67% of iOS devices. I've found it a bit more stable and usable than iOS 7 but I am on a 5S and 6.
Well, Snow Leopard had is problems as well: "Data losses in Snow Leopard bug" http://news.bbc.co.uk/2/hi/8304229.stm
I'm going in the other direction. Used to always wait one or two versions before upgrading and always doing a clean install. I installed bot Mavericks and Yosemite over the older versions early on without any problems.
I eagerly await a true fix to 10.10's issues with dropping wifi connections. Both Macbooks in my house running 10.10 drop the wifi connection at least 5x/day, often more. My other devices do not experience these drops, and these same machines were just fine on 10.9.
My opinion of Apple's software quality has decreased over the past few months.
Which Macbooks do you have? This hasn't happened to me, but I'd like to know if it might.
I have an early 2011 17" Macbook Pro (8,3). My wife has an early 2009 13" Macbook Pro.
My 10.10 used to crash after every VNC session ended. There was no info on Google about this, but there were hundreds of other bugs, seems like everyone has adopted one.
Any chance those two MacBooks are connected to a different wifi basestation than your other devices? I have an issue right now where the base station in my living room regularly drops connections (to any devices) but all the other base stations work just fine.
A bit late in seeing this -- but no, I only operate one base station (Netgear AC1900).
And you're running the latest version of OS X 10.10, right? I thought the MBP wifi issues were supposed to be resolved by one of the updates.
Oh I updated the day it was available. The issue was not resolved. It seems to have gotten worse.
I believe it has something to do with automatic selection of the 2.4 GHz or the 5 GHz band. Unfortunately, Apple does not provide any API to control which band is selected.
My router runs the 5G band via a separate SSID -- you must explicitly choose to connect to it. That's a standard approach for Netgear routers.
The networking issues with Yosemite were the final push I needed to shrink it down to a tiny partition and install Linux on my MBP.
I'm a very happy MBP user now, and having a tiling windows manager is such a productivity boost, I doubt I'll ever go back.
DNS is broken in 10.10? Haven't had a single problem...
That's the problem with networking, right? That the environments you are running in are so diverse that it's nearly impossible to test all the situations. I'm sure that the Apple testers didn't think it was buggy before they released it but a lot of people are having issues in real world situations where the old system worked fine.
Note that no one would have clicked on this article if it said "Why mDNS in OS X 10.10 is broken..."