Page 1 of 1

Strange Resolution Problem

Posted: Thu Jul 02, 2009 5:15 am
by troymurray
Today I started noticing a strange resolution problem on my MB. I'm connected to the local network (35.x.x.x) here, but have an OpenVPN connection to my server cluster network (192.x.x.x). The internal DNS server on our server cluster network is configured to report back external FQDN with the internal IP address. Meaning my.server.org from inside the server cluster network (192.x.x.x) reports the internal address of the system (192.192.192.192) instead of the external IP address of the server (35.35.35.35).

So if I run a dig, host or nslookup using my FQDN it resolves to the correct internal IP address. If I run PING or use Safari to go to the web page on that server, the external IP address is used. I don't have anything configured it my HOSTS file, and my /etc/resolve.conf is currently set to use my internal DNS server on our server cluster network. I've also cleared my cache (dscacheutil -flushcache), but the results are the same. I am NOT using a proxy. I feel like I'm missing something, any clues?

I'm using the latest build of Viscosity with the "Use alternate DNS support" set to true

Re: Strange Resolution Problem

Posted: Sun Jul 05, 2009 11:54 am
by James
Hi Troy,

How do you get on with "Use alternate DNS support" turned off?

Dig, host, etc use resolve.conf for DNS resolution, however most other applications use Mac OS X's resolver system. Too check if your DNS server is correctly being set under this system, open the Terminal application, and type "scutil --dns" (no quotes). Are your VPN DNS/Domain settings listed there?

Cheers,
James

Re: Strange Resolution Problem

Posted: Thu Jul 30, 2009 8:05 am
by troymurray
James,

I have "Use alternate DNS support" set to "TRUE" and I'm using OpenVPN 2.1 as the default.

If I run the command you suggest, here are the results:

resolver #1
search domain[0] : mynetwork.local
nameserver[0] : 10.0.1.1
order : 200000

resolver #2
domain : mynetwork.local
nameserver[0] : 192.168.192.41
order : 100400

resolver #3
domain : myuserid.members.mac.com.
options : pdns
timeout : 5
order : 150000

resolver #4
domain : local
options : mdns
timeout : 2
order : 300000

resolver #5
domain : 254.169.in-addr.arpa
options : mdns
timeout : 2
order : 300001

resolver #6
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300002

resolver #7
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300003

resolver #8
domain : a.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300004

resolver #9
domain : b.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300005

Re: Strange Resolution Problem

Posted: Fri Aug 14, 2009 2:39 am
by James
resolver #2
domain : mynetwork.local
nameserver[0] : 192.168.192.41
order : 100400
Mac OS X should be using this DNS server (it looks like your internal one?) for DNS resolutions from apps like Safari, however it's possible OS X may be falling back to the next priority DNS server (10.0.1.1) for DNS resolutions. Turning off "Use alternate DNS support" doesn't solve this? Viscosity's standard DNS support should temporarily remove your local DNS server from the resolver list, thereby preventing it from being used for resolutions (which would resolve to the external IPs).

Cheers,
James