Strange Resolution Problem

Got a problem with Viscosity or need help? Ask here!

troymurray

User avatar
Posts: 14
Joined: Thu Nov 06, 2008 3:18 am

Post by troymurray » Thu Jul 02, 2009 5:15 am
Today I started noticing a strange resolution problem on my MB. I'm connected to the local network (35.x.x.x) here, but have an OpenVPN connection to my server cluster network (192.x.x.x). The internal DNS server on our server cluster network is configured to report back external FQDN with the internal IP address. Meaning my.server.org from inside the server cluster network (192.x.x.x) reports the internal address of the system (192.192.192.192) instead of the external IP address of the server (35.35.35.35).

So if I run a dig, host or nslookup using my FQDN it resolves to the correct internal IP address. If I run PING or use Safari to go to the web page on that server, the external IP address is used. I don't have anything configured it my HOSTS file, and my /etc/resolve.conf is currently set to use my internal DNS server on our server cluster network. I've also cleared my cache (dscacheutil -flushcache), but the results are the same. I am NOT using a proxy. I feel like I'm missing something, any clues?

I'm using the latest build of Viscosity with the "Use alternate DNS support" set to true
--
Troy Murray

James

User avatar
Posts: 1898
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Sun Jul 05, 2009 11:54 am
Hi Troy,

How do you get on with "Use alternate DNS support" turned off?

Dig, host, etc use resolve.conf for DNS resolution, however most other applications use Mac OS X's resolver system. Too check if your DNS server is correctly being set under this system, open the Terminal application, and type "scutil --dns" (no quotes). Are your VPN DNS/Domain settings listed there?

Cheers,
James
James Bekkema
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

troymurray

User avatar
Posts: 14
Joined: Thu Nov 06, 2008 3:18 am

Post by troymurray » Thu Jul 30, 2009 8:05 am
James,

I have "Use alternate DNS support" set to "TRUE" and I'm using OpenVPN 2.1 as the default.

If I run the command you suggest, here are the results:

resolver #1
search domain[0] : mynetwork.local
nameserver[0] : 10.0.1.1
order : 200000

resolver #2
domain : mynetwork.local
nameserver[0] : 192.168.192.41
order : 100400

resolver #3
domain : myuserid.members.mac.com.
options : pdns
timeout : 5
order : 150000

resolver #4
domain : local
options : mdns
timeout : 2
order : 300000

resolver #5
domain : 254.169.in-addr.arpa
options : mdns
timeout : 2
order : 300001

resolver #6
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300002

resolver #7
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300003

resolver #8
domain : a.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300004

resolver #9
domain : b.e.f.ip6.arpa
options : mdns
timeout : 2
order : 300005
--
Troy Murray

James

User avatar
Posts: 1898
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Fri Aug 14, 2009 2:39 am
resolver #2
domain : mynetwork.local
nameserver[0] : 192.168.192.41
order : 100400
Mac OS X should be using this DNS server (it looks like your internal one?) for DNS resolutions from apps like Safari, however it's possible OS X may be falling back to the next priority DNS server (10.0.1.1) for DNS resolutions. Turning off "Use alternate DNS support" doesn't solve this? Viscosity's standard DNS support should temporarily remove your local DNS server from the resolver list, thereby preventing it from being used for resolutions (which would resolve to the external IPs).

Cheers,
James
James Bekkema
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
4 posts Page 1 of 1