macOS DNS – Check Status and Restart Resolution Service

big surdnsmacosNetwork

Background

Connected to WiFi on Macbook Air, Early 2014, running Big Sur 11.7.10, logged in as a Standard (limited) User.

Symptoms

Browsing Internet works fine on Google Chrome.
nslookup google.com works fine from Terminal.
Browsing Internet does NOT work from Safari.
ping google.com does NOT work from Terminal. (Cannot resolve, Unknown host)

Deductions

DNS server and resolution is working, HOWEVER
the default MacOS resolution is NOT working.

Attempted Solution

From Terminal:

su to Admin user
Run command: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

Result: DNS resolution still not working.

Best Answer

A multi-part question, with multi-part answer :)

First: check status

Google Chrome works -- newer settings of Chrome use secure DNS, thus not relying on MacOS's DNS resolution service. (Look at Settings, Privacy and Security, Security, Secure DNS and Secure DNS provider to see what Chrome uses).
The terminal command nslookup does not use the system DNS server.

$ man nslookup
...
macOS NOTICE
       The nslookup command does not use the host name and address resolution or the DNS
       query routing mechanisms used by other processes running on macOS.  The results of
       name or address queries printed by nslookup may differ from those found by other
       processes that use the macOS native name and address resolution mechanisms.  The
       results of DNS queries may also differ from queries that use the macOS DNS routing
       library.
...

Instead nslookup uses the file /etc/resolv.conf. Usually that file has a line like nameserver 127.0.0.1, where that address is provided by the network (during DHCP) or by your OS (in Settings). The same happens with the dig command.

Safari uses the DNS resolver mechanism.
ping uses the DNS resolver mechanism.

In your case, tests (3) and (4) show there is indeed a problem.

Another potential test is to use the command scutil --dns. If the DNS resolver is healthy, the output should show a section "DNS configuration (for scoped queries)", with some valid endpoints.

Second: how to "restart" it?

For MacOS Big Sur the command you have in the question should do it:

sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

This page has instructions for other macos versions.

Additional

I would also check what made the service malfunction. You can use the Console application and look at the System log launchd.log. Alternatively, you can grep directly from the terminal. In my system, I'd use something like:

$ grep -i dns -R /private/var/log

How do I check what DNS server I'm using (on Mac OS X)
luckman212's answer below indicates that MacOS uses a unified logging system. Look at answer for details.

OS X 10.10.0 – 10.10.3, Yosemite

Apparently, mDNSResponder doesn't exist in Yosemite (OS X 10.10). You can restart descoveryd instead to fix these issues.

sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist

OS X 10.10.4+, Yosemite

In OSX 10.10.4 the mDNSResponder has been reintroduced. So use the first one will work again.

MacOS – How to fix when I can nslookup and dig an internal hostname, but I cannot ping or ssh to the internal machine

Starting from Lion (except Yosemite between 10.10 and 10.10.3), the command for flushing the DNS cache is:

$ sudo killall -HUP mDNSResponder

There is a solution at https://superuser.com/questions/326848/strange-ns-behavior-on-os-x-cant-connect-to-ssh-server.