115

On Mac OS X, if you go to System Preferences -> Network -> Advanced -> DNS, on the left is an area where DHCP DNS resolvers show up, or you can enter in your own to override any that your router is dishing out.

On the right is a large field for "Search Domains:".

I am sure there is an analogous field on Windows and Linux as well.

I have looked at Google, and also the help pages, which do not say much...

Domains are searched in the order you list them, and the search stops when a valid name is found.

To search a name hierarchy, use search domains of varying scope. For example: building.campus.university.edu, campus.university.edu, university.edu.

Can someone explain to me, or point me to a link that explains what this field is for, and what benefits there may be by me learning different values to enter into it?

I am also curious if anyone has seen any noticeable gains by altering the value for the default MTU from 1500 on Mac OS X when communicating over wireless-N.

Thanks

3 Answers

102

These are for the mechanism for going from a machine name to a Fully Qualified Domain Name.

DNS searches can only look at a Fully Qualified Domain Name, such as mymachine.example.com. But, it's a pain to type out mymachine.example.com, you want to be able to just type mymachine.

Using Search Domains is the mechanism to do this. If you type a name that does not end with a period, it knows it needs to add the search domains for the lookup. So, let's say your Search Domains list was: example.org, example.com

mymachine

would try first mymachine.example.org, not find it, then try mymachine.example.com, found it, now done.

mymachine.example.com

would try mymachine.example.com.example.org (remember, it doesn't end with a period, still adds domains), fail, then mymachine.example.com.example.com, not find it, fall back to mymachine.example.com, found it, now done

mymachine.example.com.

Ends with a period, no searching, just do mymachine.example.com

Soooo.....

If you have your own DNS domain such as example.com, put it there. If not, ignore it. It really is more corporate than a home setting.

9
  • 1
    @FrankSchwieterman yes. This is something that DHCP can set
    Commented Jan 11, 2017 at 12:50
  • 1
    Could someone comment on the privacy implications of leaving Comcast's Search Domain entry, i.e. hsd1.il.comcast.net. Wouldn't this cause your searches to be logged by Comcast regardless of your DNS server entries? If you want to use another DNS like Google/Cloudflare/OpenDNS shouldn't you use their Search Domain? How would someone go about discovering the correct Search Domain for those DNS servers?
    – John
    Commented Mar 13, 2020 at 23:19
  • 1
    @John if you type a qualified domain name like 'www.gxgggdggdgf.com' into your browser, DNS will resolve properly and send all your traffic to the appropriate webserver, however if you type an unqualified domain like 'gxgggdggdgf' into your browser, no DNS server will recognise this and so your machine will automatically try gxgggdggdgf.hsd1.il.comcast.net, at which point Comcast will probably serve you a custom 'unrecognised domain' page of some sort. Some ISPs use this to serve adverts and similar. No real harm but it's technically not compliant with the relevant RFCs.
    – Patrick
    Commented Apr 17, 2020 at 11:39
  • 1
    @patrick well maybe, if your browser doesn’t just pump it to Teh Googles.
    Commented Jun 9, 2020 at 16:34
  • 1
    I can't think of any context in which I would want to search the current ISP's domain. Seems pretty suspect to me. I don't like that arbitrary routers seem to be able to set this value on my laptop.
    Commented Feb 13, 2021 at 4:31
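
The lookup order described in the answer above, as an added example that is not part of the original posts. The function names, the `ZONE` set and the `isp.example` search domain are constructed for illustration; the optional `ndots` argument goes beyond the answer and models the resolv.conf `ndots` option, under which a name with at least that many dots is tried as typed first.

```python
def candidates(name, search, ndots=None):
    """Return the FQDNs a stub resolver would query for `name`, in order."""
    name = name.lower()
    if name.endswith("."):            # trailing period: already fully qualified
        return [name]
    as_typed = name + "."
    searched = [f"{name}.{d.lower().strip('.')}." for d in search]
    if ndots is not None and name.count(".") >= ndots:
        return [as_typed] + searched  # assumption: resolv.conf-style ndots rule
    return searched + [as_typed]      # order given in the answer above


def resolve(name, search, zone, ndots=None):
    """Walk the candidates and stop at the first name present in `zone`."""
    tried = []
    for fqdn in candidates(name, search, ndots):
        tried.append(fqdn)
        if fqdn in zone:
            return fqdn, tried
    return None, tried


def leaked(tried, untrusted):
    """Queries that landed under a search domain you do not control."""
    suffixes = tuple("." + u.lower().strip(".") + "." for u in untrusted)
    return [q for q in tried if q.endswith(suffixes)]


# Constructed sample data (not from the original page's network).
SEARCH = ["example.org", "example.com"]
ZONE = {"mymachine.example.com."}     # names that "exist" in this demo
DHCP_SEARCH = ["isp.example"]         # hypothetical search domain pushed by DHCP

if __name__ == "__main__":
    for typed in ("mymachine", "mymachine.example.com", "mymachine.example.com."):
        print(typed, "->", resolve(typed, SEARCH, ZONE))
    _, tried = resolve("intranet-wiki", DHCP_SEARCH, ZONE)
    print("sent to the DHCP-supplied domain:", leaked(tried, DHCP_SEARCH))
```

The last call shows the point raised in the comments: a short internal hostname typed on a network whose DHCP server sets the search domain is sent, with that domain appended, to whoever answers for it.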
3

When searching for a computer name like "MyMac", you need to know the fully-qualified name of that computer. It might just be MyMac., or it might be something like MyMac.example.edu, or (in a business) MyMac.example.com. The search domains are how the system translates the short name to the full name.

This should be set per-connection, rather than once for your machine, because you may have something like a normal connection active at the same time as a VPN connection to your company, where traffic sent over the VPN should use a different search domain.

2

All computers have what is called the fully-qualified name (something like Joe.MyCompany.com) and to access the computer you need to know this. The computer name is not enough. However, rather than make you type the fully-qualified name, this is a list of entries the computer will try.

When you try to access joe (for example ping joe), it will (in your example) first try to access joe.building.campus.university.edu, then joe.campus.university.edu, then joe.university.edu.

If joe's computer was in another domain, you would need to type the full name.

It is normally used to record different subdomains on your local intranet.
