MacOS – Can’t access apple.com webservers, App Store, nor Software Update

dnsmac-appstoremacos

I have a MacBook Pro Early 2011 running Lion 10.7.4 (11E53)

I have installed an SSD instead of the optical drive, and encrypted both hard drives with FileVault2.

For some time now I noticed I can't access the apple.com servers, not even in Safari/Chrome/Firefox.

If I try to ping www.apple.com it doesn't find the host, but when I do a dig apple.com I get the informations.

It's very very strange, any ideas?

In the meantime I booted to recovery with cmd-R and reinstalled Lion but to no avail. Strangely though, in recovery there are no problems accessing the apple servers, because the Lion image was downloaded on the fly..

Later edit, results from dig apple.com any and ping www.apple.com

➜  ~  dig apple.com any              
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.7.3-P3 <<>> apple.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53874
;; flags: qr rd ra; QUERY: 1, ANSWER: 24, AUTHORITY: 6, ADDITIONAL: 6

;; QUESTION SECTION:
;apple.com.         IN  ANY

;; ANSWER SECTION:
apple.com.      3542    IN  TXT "v=spf1 ip4:17.0.0.0/8 ~all"
apple.com.      86342   IN  SOA gridmaster-ib.apple.com. hostmaster.apple.com. 2010076647 1800 900 2016000 86500
apple.com.      86342   IN  NAPTR   50 50 "se" "SIPS+D2T" "" _sips._tcp.apple.com.
apple.com.      86342   IN  NAPTR   90 50 "se" "SIP+D2T" "" _sip._tcp.apple.com.
apple.com.      86342   IN  NAPTR   100 50 "se" "SIP+D2U" "" _sip._udp.apple.com.
apple.com.      3542    IN  MX  10 mail-in11.apple.com.
apple.com.      3542    IN  MX  10 mail-in12.apple.com.
apple.com.      3542    IN  MX  10 mail-in13.apple.com.
apple.com.      3542    IN  MX  10 mail-in14.apple.com.
apple.com.      3542    IN  MX  10 mail-in15.apple.com.
apple.com.      3542    IN  MX  20 mail-in21.apple.com.
apple.com.      3542    IN  MX  20 mail-in22.apple.com.
apple.com.      3542    IN  MX  20 mail-in23.apple.com.
apple.com.      3542    IN  MX  20 mail-in24.apple.com.
apple.com.      3542    IN  MX  20 mail-in25.apple.com.
apple.com.      3542    IN  MX  100 mail-in3.apple.com.
apple.com.      1731    IN  A   17.149.160.49
apple.com.      1731    IN  A   17.172.224.47
apple.com.      86342   IN  NS  nserver.asia.apple.com.
apple.com.      86342   IN  NS  nserver.euro.apple.com.
apple.com.      86342   IN  NS  nserver.apple.com.
apple.com.      86342   IN  NS  nserver3.apple.com.
apple.com.      86342   IN  NS  nserver2.apple.com.
apple.com.      86342   IN  NS  nserver4.apple.com.

;; AUTHORITY SECTION:
apple.com.      86342   IN  NS  nserver3.apple.com.
apple.com.      86342   IN  NS  nserver.apple.com.
apple.com.      86342   IN  NS  nserver2.apple.com.
apple.com.      86342   IN  NS  nserver.asia.apple.com.
apple.com.      86342   IN  NS  nserver.euro.apple.com.
apple.com.      86342   IN  NS  nserver4.apple.com.

;; ADDITIONAL SECTION:
nserver.asia.apple.com. 85475   IN  A   17.82.254.3
nserver.euro.apple.com. 85475   IN  A   17.72.133.64
nserver.apple.com.  85475   IN  A   17.254.0.50
nserver2.apple.com. 85475   IN  A   17.254.0.59
nserver3.apple.com. 85475   IN  A   17.112.144.50
nserver4.apple.com. 85475   IN  A   17.112.144.59

;; Query time: 5 msec
;; SERVER: 213.154.124.221#53(213.154.124.221)
;; WHEN: Tue Jun 19 08:08:40 2012
;; MSG SIZE  rcvd: 918

And the ping:

➜  ~  ping -c 1 www.apple.com
ping: cannot resolve www.apple.com: Unknown host

➜  ~  ping -c 1 apple.com
ping: cannot resolve apple.com: Unknown host

Best Answer

Given that you've already checked your DNS and /etc/hosts ~~and flushed the DNS cache using dscacheutil -flushcache~~ it is quite possible you have malware on your machine. You have re-installed Lion which should take care of any file corruption issues, but may not remove malware if you recovered your user files from a backup. Double-check your network settings to ensure you are not using any proxies, but other than that, malware seems the most likely culprit.

EDIT: It seems dscacheutil -flushcache no longer works to flush the DNS cache. Before we flush the cache the new way, let's take a look at it. Run:

sudo killall -INFO mDNSResponder

and then look at the system.log file. You can view it in the Console app under Files or you can view it in the terminal with less /var/log/system.log. Either way, mDNSResponder dumps a lot of information into the system.log as a result of that command, which should help pinpoint the problem. Search for "apple.com" in the results and see what you come up with. Then try

sudo killall -HUP mDNSResponder

to actually flush the cache and try ping www.apple.com again.

You have tried dig www.apple.com which correctly resolved to e3191.c.akamaiedge.net which is a CDN domain that will have different IP addresses depending on where you connect to the internet. Try nslookup www.apple.com and you should get the same thing, e.g.

user$ nslookup www.apple.com
Server:     8.8.8.8
Address:    8.8.8.8#53

Non-authoritative answer:
www.apple.com   canonical name = www.isg-apple.com.akadns.net.
www.isg-apple.com.akadns.net    canonical name = www.apple.com.edgekey.net.
www.apple.com.edgekey.net   canonical name = e3191.c.akamaiedge.net.
Name:   e3191.c.akamaiedge.net
Address: 23.11.77.15

So you should be able to ping www.apple.com, e3191.c.akamaiedge.net, and 23.11.77.15 (or whatever IP address you get from dig). (While it is true that many servers do not respond to ping requests, this server does respond and your problem isn't that you cannot get a response anyway, it's that you cannot resolve the domain name.) If you can ping some but not all, then you probably have a malware problem.

There were a bunch of trojans circulating as video codecs that messed with DNS. I suggest getting a reputable malware scanner and checking your system.

Best Answer

Related Solutions

Mac – Can’t download or update Mac App Store apps

MacOS – I can’t access the Mac App Store, iTunes, or Software Update on Lion

Related Question