DNS not setup on M1 version

Got a problem with Viscosity or need help? Ask here!

ldmbis

Posts: 2
Joined: Fri Mar 12, 2021 8:32 am

Post by ldmbis » Fri Mar 12, 2021 8:38 am
I have used Viscosity for a long time on an intel macbookpro (version 1.9.2)
I got an M1 and installed the new version. I migrated the settings (export on intel / import on M1) thinking that this should always work.

But while it connects, the DNS does not seem to update. Meaning, the content or /etc/resolv.conf is unchanged after connecting from the M1. The output of scutil --dns does not appear to change either.

On intel, the /etc/resolv.conf gets updated the moment the VPN connects.

Any hint/ideas about what might be off ?

(the connection seems up. But without the DNS going to the right place, nothing works of course)

Thanks,

James

User avatar
Posts: 2312
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Fri Mar 12, 2021 10:56 am
Hi ldmbis,

resolv.conf is not used on macOS. For more information please see:
https://www.sparklabs.com/support/kb/ar ... unix-users

For information on how to check which DNS server/s are being used please see:
https://www.sparklabs.com/support/kb/ar ... being-used

Please keep in mind that if you're using Split DNS the DNS settings will appear in the "DNS configuration (for scoped queries)" section (rather than the "DNS configuration" section) when checking the scutil --dns output. If you're unsure which DNS Mode your connection is using, it should be listed in the connection log:
https://www.sparklabs.com/support/kb/ar ... envpn-log/

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

ldmbis

Posts: 2
Joined: Fri Mar 12, 2021 8:32 am

Post by ldmbis » Fri Mar 12, 2021 11:55 pm
Dear James,

I'm attaching the screenshot below showing the log from a connection on the M1 alongside the output of scutil --dns.

I'm afraid that the DNS is not setup properly and I'm afraid that you are mistaken about resolv.conf not changing automatically. It does on Intel (maybe it is not used, but it changes on intel and does not on the M1)

See below the textual output of scutil. As indicated, the very same configuration on the intel Mac on the same network works without a flaw. I can make a movie recording on the intel and the M1 if you wish...
Code: Select all
➜  ~ scutil --dns
DNS configuration

resolver #1
  search domain[0] : local
  nameserver[0] : 192.168.1.1
  nameserver[1] : 1.1.1.1
  nameserver[2] : 8.8.8.8
  if_index : 6 (en0)
  flags    : Request A records, Request AAAA records
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 300000

resolver #3
  domain   : 254.169.in-addr.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 300200

resolver #4
  domain   : 8.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 300400

resolver #5
  domain   : 9.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 300600

resolver #6
  domain   : a.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 300800

resolver #7
  domain   : b.e.f.ip6.arpa
  options  : mdns
  timeout  : 5
  flags    : Request A records, Request AAAA records
  reach    : 0x00000000 (Not Reachable)
  order    : 301000

DNS configuration (for scoped queries)

resolver #1
  search domain[0] : local
  nameserver[0] : 192.168.1.1
  nameserver[1] : 1.1.1.1
  nameserver[2] : 8.8.8.8
  if_index : 6 (en0)
  flags    : Scoped, Request A records, Request AAAA records
  reach    : 0x00020002 (Reachable,Directly Reachable Address)
➜  ~ ssh gateway.csi
ssh: Could not resolve hostname gateway.csi: nodename nor servname provided, or not known
➜  ~
Attachments
Screen Shot 2021-03-12 at 7.45.32 AM.jpg
Screen Shot 2021-03-12 at 7.45.32 AM.jpg (103.08 KiB) Viewed 4598 times

James

User avatar
Posts: 2312
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Mon Mar 15, 2021 10:39 am
I'm afraid that the DNS is not setup properly and I'm afraid that you are mistaken about resolv.conf not changing automatically. It does on Intel (maybe it is not used, but it changes on intel and does not on the M1)
I think you may have misinterpreted my statement. resolv.conf is not used on macOS. Please read the information at previously the linked article, as it includes information directly from Apple about it.

See below the textual output of scutil.
An issue that stands out is the use of the .local domain. This is a reserved mDNS domain, and Apple indicate attempting to use it as a standard unicast DNS subdomain may have unpredictable effects:
https://support.apple.com/en-us/HT207511

It's difficult to tell without a before comparison, but it looks like the .local domain is set on your normal network connection (en0) rather than part of the VPN connection. This might explain the discrepancy you're seeing between your two Macs. I recommend removing it, restarting your computer, and then seeing whether the issue persists.

If you're still running into the same issue, then the following information will be helpful:

1. A complete copy of the OpenVPN log with the log verbosity level raised. You can raise the log verbosity by editing the connection in Viscosity, clicking on the Advanced tab, and then adding the command “verb 5” (without the quotation marks) on a new line in the Advanced commands area:
https://www.sparklabs.com/support/kb/ar ... n-commands

The VPN connection can then be connected/reconnected and the OpenVPN log accessed and copy-pasted.

2. The Raw Configuration Data for your connection. You can view the raw configuration data for your Viscosity connection by opening Viscosity’s Preferences window, holding down the Option/Alt key on your keyboard, right-clicking (or control-clicking on Mac) on your connection, and selecting “View Configuration Data”.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
4 posts Page 1 of 1