MacOS – DNS resolution broken in El Capitan with Thunderbolt Ethernet Adapter on Offline network

dnsmacosNetwork

After upgrading to El Capitan how do I enable DNS resolution on an offline, internal computer network?

Before upgrading to El Capitan I could connect to my internal network, set my DNS and search domain, and I was good to have DNS resolution happen. There was no gateway on the network or DHCP server, just a switch.

Following the upgrade I was no longer able to resolve DNS names internally on a network physically separate from the internet and not connected in any way to the internet. I could ping the hosts on the network by IP address yet not by DNS name.

I tried the usual, flushing the DNS cache, restarting mDNSResponder, and rebooting. None of that helped.

One weird fact is that my /etc/resolv.conf is now blank whereas before the upgrade it showed the list of resolvers my Mac would use.

I imagine El Capitan must have included an update to the OSX DNS resolution system. Can I go and configure it manually? I have been reduced to adding entries to my /etc/hosts file.

I have tried the suggestions mentioned here.

I should mention that my co-worker's computers that are on Yosemite do not experience any issues at all and the Windows computers on the network still resolve names properly as well.

The DNS server is running BIND9 on Ubuntu 14.04 on the regular port 53.

EDIT:

I tried disabling System Integrity Protection (SIP) according to this set of instructions and that did not help at all.

EDIT 2:

Okay, so I found a fix and I probably didn't need to do a fresh install of El Capitan to do it. This is the WEIRDEST bug I have ever encountered on the Macintosh platform. All I had to do was add a Router in my network settings. I just put an arbitrary value in of 1.0.0.1 even though there is no device in my internal network that acts as a router. The mere presence of a value in the "Router:" input field triggered a write of the resolv.conf file and a restoration of the DNS service.

Best Answer

I had the same problem on El Capitan, and was able to resolve it by adding some values to the DNSResponder file, while SIP was DISABLED.

The steps I followed below:

  1. Reboot.
  2. Press Cmd+R to enter Recovery mode.
  3. Open Utilities->Terminal.
  4. Run the command "csrutil disable".

  5. Reboot. You are back in OS X with SIP disabled.

  6. Make the required changes by running the below commands from the terminal:

sudo launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

sudo defaults write /Library/Preferences/com.apple.mDNSResponder.plist AlwaysAppendSearchDomains -bool YES (This is a single line)

sudo launchctl load /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

  1. Reboot.
  2. Press Cmd+R to enter Recovery mode.
  3. Open Utilities->Terminal.
  4. Run the command csrutil enable.
  5. Reboot.

After I got back into the OS, I added the search domains back into System Pref -> Network -> Advanced -> DNS Tab.

Search Domains now work once again, where I am able to ping the first two bits of my domain name, and the last 3 are added automatically.

Related Question