macOS has a sophisticated system of scoped DNS routing for the sake of things like VPN. So if you for example have a VPN connection to “work” up right now, queries for your work’s domain names may be going to a DNS server at work.
To see the whole list, run:
scutil --dns
To query DNS like the system does, use:
dns-sd -G v4v6 example.com
dns-sd -q example.com 255 255
(you have to hit Ctrl-C to get out of dns-sd).
The host, dig, and nslookup commands are old Unix commands for DNS server troubleshooting that contain their own DNS resolver code and don’t use the system’s libraries. So if you don’t specify which server you want them to use, they just get the ones from the autogenerated /etc/resolv.conf, which only gets populated with the default servers for unscoped queries. But a tool like ping probably just calls gethostbyname(3), which uses the system’s scoped DNS routing.
Edited to add:
I should also mention that macOS can get hostname to IP address resolution information from a variety of other means, including:
- mDNS (Apple Bonjour / IETF ZeroConf)
- Open Directory (an Apple schema on LDAP)
- Other LDAP
- Active Directory
- WINS
- NetBIOS Name Service
- NIS (formerly YellowPages/yp; the Sun/Oracle network information service)
You can edit these settings with the dscl command-line tool, or with the Directory Utility app, which hides at:
/System/Library/CoreServices/[Applications]/Directory\ Utility.app
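
The difference described above between the system resolver and dig/host/nslookup, as an added example that is not part of the original post: it parses `scutil --dns` output and reports which servers a name would go to under each path. The sample output is constructed, and the selection rule (longest matching `domain` suffix, otherwise the first resolver with no `domain`) is a simplified assumption about how the scoped routing picks a resolver.

```python
import re

# Constructed sample of `scutil --dns` output; domains and addresses are made up.
SAMPLE = """\
DNS configuration

resolver #1
  search domain[0] : home.example
  nameserver[0] : 192.168.1.1

resolver #2
  domain   : corp.example.com
  nameserver[0] : 10.8.0.53
  nameserver[1] : 10.8.0.54

resolver #3
  domain   : local
  options  : mdns
"""

def parse_resolvers(text):
    """Return one dict per 'resolver #N' block: its domain (or None) and nameservers."""
    resolvers = []
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("DNS configuration (for scoped queries)"):
            break  # interface-scoped section; not selected by domain name
        if re.fullmatch(r"resolver #\d+", line):
            resolvers.append({"domain": None, "nameservers": []})
        elif resolvers and ":" in line:
            key, value = (part.strip() for part in line.split(":", 1))
            if key == "domain":
                resolvers[-1]["domain"] = value.lower().rstrip(".")
            elif key.startswith("nameserver["):
                resolvers[-1]["nameservers"].append(value)
    return resolvers

def default_servers(resolvers):
    """Assumed to be what /etc/resolv.conf (and so dig/host/nslookup) ends up with."""
    return next((r["nameservers"] for r in resolvers if r["domain"] is None), [])

def system_servers(name, resolvers):
    """Simplified model: longest matching 'domain' suffix wins, else the default."""
    name = name.lower().rstrip(".")
    hits = [r for r in resolvers
            if r["domain"] and (name == r["domain"] or name.endswith("." + r["domain"]))]
    if hits:
        return max(hits, key=lambda r: len(r["domain"]))["nameservers"]
    return default_servers(resolvers)
```

On a Mac, pass the real output (for example from `subprocess.run(["scutil", "--dns"], capture_output=True, text=True).stdout`) to `parse_resolvers`. A name for which `system_servers` and `default_servers` differ is one where dig without an explicit server will not reproduce what applications see.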