10 second delay for .local TLD in Mac OS X Lion

bonjour, dns, osx lion

Our company network uses xxx.companyname.local for all the servers on our local network. Whenever I access one of these servers on my Mac, I have a 10 second delay. I have found out that this delay is caused by DNS lookups, because apparently Lion resolves .local domains in the following order:

  1. check /etc/hosts for IPv6 address
  2. check DNS server for an AAAA record (IPv6 address)
  3. check via MDNS (Bonjour) for an AAAA record
  4. check /etc/hosts for an IPv4 address
  5. check DNS server for an A record (IPv4 address)
  6. check MDNS for A record

Now, the problem is, we don't have an IPv6 network. All xxx.companyname.local servers on our network have only IPv4 addresses and the DNS server has only A records. This means that the address is resolved in step 5. The problem with this is that step 3 takes ten seconds before it times out! Every time I connect to our wiki, SVN server, Kerberos server, etc, there is a 10 second delay.

I have managed to trick Lion by adding lines like the following to /etc/hosts

::FFFF: xxx.companyname.local

If I do this, Lion thinks there is an IPv6 address for the domain and stops after step 1. However, this workaround totally circumvents all the useful features of DNS. I don't want to manually keep track of the IP addresses of dozens of internal domains! I could as well stop using host names and just type IP addresses!

So: Does anybody have an idea how to change this lookup order? Or disable IPv6 lookup since we don't have an IPv6 network anyway?

Best Answer

Stop your IT department from abusing local..

As discussed, abusing a domain name that your company does not own, and shouldn't thus be assuming it can create corporate subdomains in, is wrong and is half of the problem here. If the company computers include Macintoshes (or anything else that uses DNSSD for that matter), then most definitely don't assume that local. is yours to freely mess around with in this manner.

Upgrade your Macintosh.

MacOS 10.4 would indeed treat xxx.companyname.local. as you describe. But this has changed in later revisions of the operating system. MacOS 10.5 passes only two-label names to Multicast DNS. Three-label names such as xxx.companyname.local. are not handled by MDNS. MacOS 10.6 takes this further and tries to detect whether the DNS server has been misconfigured to have a local. zone and act accordingly.

At the very minimum you should configure your Macintosh to have an /etc/resolver/companyname.local file with search_order 1 in it that lists the current IP address(es) of your proxy DNS server(s). This will not work well with DHCP-assigned DNS server IP addresses that change, though, as Apple says.

On the gripping hand …

… these are simply progressively more complex bodges to accommodate wrongheadedness. To quote Marc Krochmal of Apple, "there's always going to be some issue" when people abuse local. in the way that your company is doing. It's been known to be wrongheaded since (a quick search tells me) 2002, if not before. Just don't do it.
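
The per-domain resolver file mentioned in the answer, as an added example that is not part of the original answer: a shell function that writes `/etc/resolver/<domain>` with one `nameserver` line per server and `search_order 1`. The helper name `write_resolver` is hypothetical and the 192.0.2.x addresses are documentation placeholders for your own DNS servers.

```shell
#!/bin/sh
# Added example: generate a macOS per-domain resolver file (see resolver(5)).
# Assumption: 192.0.2.x in the usage line are placeholders, not real servers.

# write_resolver DIR DOMAIN IP [IP...]
# Creates DIR/DOMAIN with one "nameserver" line per IP and "search_order 1".
write_resolver() {
    dir=$1; domain=$2; shift 2
    [ $# -ge 1 ] || { echo "need at least one nameserver" >&2; return 1; }
    # Accept only a plain DNS name, so the value cannot escape DIR
    # (no "/", no leading dot, no "..").
    case $domain in
        ''|*[!A-Za-z0-9.-]*|.*|*..*) echo "bad domain: $domain" >&2; return 1 ;;
    esac
    for ip in "$@"; do
        # Accept only characters that occur in IPv4/IPv6 literals.
        case $ip in
            ''|*[!0-9A-Fa-f.:]*) echo "bad address: $ip" >&2; return 1 ;;
        esac
    done
    mkdir -p "$dir" || return 1
    # Write to a temporary file first so a half-written file is never active.
    tmp=$(mktemp "$dir/.resolver.XXXXXX") || return 1
    {
        for ip in "$@"; do printf 'nameserver %s\n' "$ip"; done
        printf 'search_order 1\n'
    } > "$tmp"
    chmod 644 "$tmp" && mv "$tmp" "$dir/$domain"
}

# Usage on the Mac itself (needs root), assuming this file is saved as resolver.sh:
#   sudo sh -c '. ./resolver.sh; write_resolver /etc/resolver companyname.local 192.0.2.53 192.0.2.54'
# Then confirm the domain is listed with its nameservers and order 1:
#   scutil --dns
```

Because the addresses are written statically, the file has to be regenerated whenever the DNS servers' addresses change, which is the DHCP caveat the answer mentions.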
