I seem to constantly have trouble resolving hosts on my network from OS X systems. I have a domain (let's call it mydomain.com) with a lab.mydomain.com subdomain, and the host I want to get to is at host.lab.mydomain.com.
My Mac's DNS search entries include:
- mydomain.com
- lab.mydomain.com
- lab.otherdomain.com
- othersubdomain.otherdomain.com
I can resolve the full 'host.lab.mydomain.com' just fine, and when I have 'lab.mydomain.com' in the list, I can use just 'host' since it resolves under the 'lab.mydomain.com' suffix. But I can't resolve (in certain cases -- read on) "host.lab".
The weirdest thing is this failure only happens with certain commands (namely, SSH and dig). Using 'nslookup' works fine and resolves the hostname properly. However, using SSH or dig fails. I can usually, but not always, resolve "host.lab" through Chrome.
I ran a tcpdump filtering on port 53 to try and diagnose this myself, and the results were interesting: after running "dscacheutil -flushcache; killall -HUP mDNSResponder" and attempting to resolve using the different commands, I found that "nslookup" of course was doing a proper lookup to my configured DNS server using each suffix in order, which found the host in short order. However, ssh and dig seem to be treating "host.lab" as a top-level domain and going straight to root-servers.net to try and resolve "host" as a domain name under the ".lab" TLD -- without ever touching my configured DNS server!
What's the deal? Why are these certain name resolution schemes on my Mac short-circuiting and treating .lab as a top-level domain instead of honoring my DNS search suffixes? Of course I can work around this by punching out the full domain name, but it's really, really annoying.
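The capture comparison described in the question, as an added example that is not part of the original post: it reads `tcpdump` port-53 output and reports, for each query about the short name, whether a search suffix was appended and whether the query went to the configured DNS server. The capture lines and both server addresses (192.0.2.53 as the configured server, 198.51.100.4 as an outside server) are constructed, and the function names are hypothetical.

```python
import re

# Search list as given in the post.
SEARCH = ["mydomain.com", "lab.mydomain.com",
          "lab.otherdomain.com", "othersubdomain.otherdomain.com"]

# Constructed sample capture (documentation addresses, not values from the post).
CAPTURE = """\
12:00:01.100000 IP 192.0.2.10.50001 > 192.0.2.53.53: 4660+ A? host.lab.mydomain.com. (39)
12:00:01.120000 IP 192.0.2.53.53 > 192.0.2.10.50001: 4660 1/0/0 A 192.0.2.77 (55)
12:00:05.300000 IP 192.0.2.10.50002 > 198.51.100.4.53: 22136 A? host.lab. (26)
12:00:09.400000 IP 192.0.2.10.50003 > 192.0.2.53.53: 9029+ A? host.lab. (26)
"""

# Matches an outgoing IPv4 DNS query line: "> server.port: id[flags] TYPE? name."
QUERY = re.compile(r"> ([\d.]+)\.(\d+): \d+\S* (?:\[\S+\] )?(\w+)\? (\S+)")


def audit(capture, short_name, search, resolvers):
    """Return (qname, server, suffix_used, went_to_configured_resolver)
    for every query that is the short name or the short name plus a suffix."""
    candidates = {short_name: None}
    candidates.update({f"{short_name}.{s}": s for s in search})
    findings = []
    for line in capture.splitlines():
        m = QUERY.search(line)
        if not m or m.group(2) != "53":
            continue  # responses and non-DNS lines carry no "TYPE?" question
        server, qname = m.group(1), m.group(4).rstrip(".").lower()
        if qname in candidates:
            findings.append((qname, server, candidates[qname], server in resolvers))
    return findings


def off_resolver(findings):
    """Queries that left the host without going to a configured resolver;
    these expose internal names to outside servers."""
    return [f for f in findings if not f[3]]


if __name__ == "__main__":
    for qname, server, suffix, ok in audit(CAPTURE, "host.lab", SEARCH, {"192.0.2.53"}):
        how = f"suffix {suffix}" if suffix else "no suffix (sent as typed)"
        where = "configured resolver" if ok else "OUTSIDE configured resolver"
        print(f"{qname:28} -> {server:14} {how}; {where}")
```

Running the same audit over a capture taken once per tool (nslookup, dig, ssh) shows which resolution path skips the search list and which one sends the name off-network.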