macOS – Fixing Murus Internet Sharing Not Working

This is not a solution, per se; but possible further refining of the problem.

I have an iMac 7,1 4GB with 3 different external system drives - 2 10.9.1 (1 primary, 1 backup) and 1 10.6.8. The 10.9 I used as primary system started dropping the wifi connection randomly; but repeatedly. Running a ping in terminal made no difference; neither did downloads in progress. I even moved the router to 2 feet from the computer and there are times the computer does not even SEE it.

It DOES NOT happen with either the backup 10.9.1 or 10.6.8.

Tried running Wireless Diagnostics - not sure what to look for; but logs just say dropped.

I tried reinstalling 10.9 on primary (without initializing drive) - no joy, so just doing a basic reinstall hasn't help me.

I have either downloaded/installed something or parts of the communication framework have been corrupted somehow. Whatever it is, it is something that is not repaired with a basic reinstall or something that the diagnostic tool makes obvious to me.

The article you reference was indeed correct for when it was published and that's how it works prior to Mavericks. Under Mountain Lion 'named' get's launched when Internet Sharing is active with /etc/com.apple.named.proxy.conf as the config file. This is all observable under Mountain Lion - I verified it.

However, domain name resolution isn't just based on DNS under OS X like it is in other OSen, but instead it's based on Directory Services -- which permits DNS lookups from flat-files, NIS, NetInfo, LDAP, ZeroConfig/Bonjour ... and DNS -- and it's mDNSResponder that's used for resolution of these name turns. (As per its man page mDNSResponder is also the system-wide Unicast DNS Resolver. It's what is (or should) doing the DNS resolution for your Internet Shared clients under Mavericks. (It was odd that they fired up named under Mt Lion rather than using mDNSResponder back then.)

When Internet Sharing is activated either named (pre-Mavericks) or mDNSResponder (Mavericks) is the "DNS server" that should perform name resolution for Internet Sharing, and that correctly makes 192.168.2.1 the DNS server for the NAPT'ed clients of Internet Sharing. So the straight and simple answer to your questions is that it's not handing out the "wrong DNS server address".

This demonstrable worked for me setting up Internet Sharing to share out my WiFi connection via Ethernet. Clients served by Internet Sharing sent DNS requests to 192.168.2.1 were observed to receive there queries correctly from a browser and when issuing dig @192.168.2.1 apple.com; I observed this in action with tcpdump to verify. Everything "just works" as you'd expect.

I note that in this configuration from the hosting Mac I'm also able to telnet 192.168.2.1 53 and connect to mDNSResponder. I also note that I have the Service Order for the configured networks set with WiFi having precedence over the Ethernet.

However when running this in reverse, sharing the Ethernet connection via WiFi I initially experienced the same issue you were seeing. Namely I saw the UDP DNS request sent over but no response back, just like you observed. Ping passed through to 8.8.8.8 and resolving against 8.8.8.8 using dig worked fine too. I was all prepared to write this up as a bug but I later had the opportunity to restart my MacBook Pro and tried this again, also assuring this time I had Ethernet having precedence over WiFi in the Network preference pane Service Order. This time it "just worked" and I wasn't able to recreate the issue. Problem solved by reboot and checking service order.

Additionally I verified that I could:

• Issue a dig @192.168.2.1 apple.com from a client (assigned 192.168.2.3) of Internet Sharing and receive a successful response. I also observed the UDP query and response using tcpdump:

01:01:05.620240 IP 192.168.2.3.58817 > 192.168.2.1.domain: 34923+ A? apple.com. (27) 01:01:06.051566 IP 192.168.2.1.domain > 192.168.2.3.58817: 34923 3/0/0 A 17.149.160.49, A 17.172.224.47, A 17.178.96.59 (75)

• From the hosting Mac was able to telnet 192.168.2.1 53 and receive a connection.

Internet Sharing has always been a bit fragile. I've often seen weird behavior and have found it's best to restart before attempting to run Internet Sharing or at least to "Make [the] Service Inactive" in Network Preferences for the interfaces in question and then set them active again. (Be sure also to "Apply" when making such changes".) Additionally the Service Order (which controls the default gateways) can also have an impact (as would be expected.) You may also wish to make sure you're using the Apple supplied Location "Automatic" (or a reasonable facsimile). Remember when debuging also that each network interface can have it's own gateway and prefered DNS server to use since after around Leopard or so.

So I'd suggest three things: (1) a reboot and confirm your network service order precedence and/or (2) a clean install of Mavericks to see if this resolves your issues, as well as (3) verify you can get Internet Sharing working where Ethernet is shared out over WiFi and vise versa. If you can't make (3) work then you need to look at something specifically configured wrong on your Mac and again that suggests a clean install.

If you can get it working for Ethernet -> WiFi and WiFi -> Ethernet, this suggests something with the USB Dongle -- and perhaps adjusting the Service Order so it's a higher precedence may be required.

Make sure also you don't have any Firewall rules or are running Little Snitch or anything that may interfere.

Internet Sharing appears also to have some debugging options if you issue

$ /usr/libexec/InternetSharing --help

These, and it's log file, along with the log file for mDNSResponder, might also be useful if you're still having issues.

But as the answer to the question: It's not handing out the wrong DNS server address in DHCP as 192.168.2.1 is the "right" DNS server for Internet Sharing to be handing out based on how it's designed to operate. And mDNSResponder is what should be handling DNS on the host running Internet Sharing under Mavericks. No `named is needed.