Link to home
Start Free TrialLog in
Avatar of ckunkle
ckunkle

asked on

Mac OS X 10.6.4 can't ping, but DIG and NSLOOKUP work fine

I have a MacBook running 10.6.4 and the Internet stopped working.  That's when I first started with ping from the terminal, and it didn't work.  I get "ping: cannot resolve www.google.com: Unknown host".  Then I tried NSLOOKUP and DIG, and they both work?!? Another weird side note is that I fired up my Windows in VMware, and Firefox/Ping both work when the network adapter is in NAT and Bridged mode.  So not only does ping not work, but Safari/Chrome/Firefox no longer work.  It's as if anything that tries to use the Mac's DNS, doesn't work, but the tools (DIG, NSLOOKUP, HOST) must use their own built in utilitiy to resolve DNS that is independant of the Mac DNS utility?  My guess is the Mac's mDNSResponder is responsible for this, and that's why PING, Safari, Firefox, Twitterrific, etc, don't work.

Here are some of the steps I took to troubleshoot this:
1) Tried multiple access points (SonicWALL and FiOS AP)
2) Internet/name resolution works on other computers at my house
3) PING does not resolve names through terminal
4) NSLOOKUP works terminal
5) DIG works through terminal
6) HOST works through termial
7) Checked Mac firewall - it's turned off
8) Turned Mac firewall on, and then back off
9) HTTP GET using telnet works through terminal
10)  Windows VM can resolve names through NAT or Bridge mode
11) /etc/resolve.conf has the proper name servers, and both verified working through NSLOOKUP
12) Created a guest login within the Mac, and it doesn’t work either
13) ps aux shows mDNSResponder running
14) killed mDNSResponder, and did another ping
15) Ran Disk Utility to repair permissions, and then shut down to restart
16) Ran packet capture on UDP 53 traffic from firewall - nothing
17) Ran Wireshark on Mac for UDP 53 traffic - nothing
18) Ran tcpdump -i en1 and that doesn't show anything
19) dscacheutil -statistics shows cached misses for gethostbyname
20) Console shows nothing in the log when ping fails
21) Change IP from DHCP changed to STATIC
22) Tried built-in Ethernet connection - same results as wireless

I am going to rebuild this tomorrow afternoon if I cannot find a solution soon.  I didn't want to spend 5+ hours on this one problem tonight.  I can't be running Windows all the time if you know what I mean. ;)

So if anyone has got any pointers, please pass them along quickly.
Avatar of Mac2010
Mac2010
Flag of Netherlands image

- Are the DNS settings in /System Preferences/Network/ OK? Or just assigned via a DHCP server?
- What happens when you add the IP numbers of your ISP's DNS servers to the list of DNS servers?

Ping should work without DNS settings provided that you ping for IP numbers and the router/gateway IP number is correct.
- What result do you get when you enter "ping localhost" (assuming that the firewall on your Mac in inactive) in the terminal?
- Does PING work when you use Network Utility (in Utilities folder)?

If it takes more time to fix this issue than to reinstall your Mac, I wouldn't spend too much time on fixing this issue. It may be corrupted software causing the issue.
Make sure you don't have any proxies set in the network prefs.

Try manually setting the DNS servers to:

8.8.8.8
and
8.8.4.4

Try clearing the DNS caches by typing

dscacheutil -flushcache

into a terminal window
Avatar of ckunkle
ckunkle

ASKER

@Mac2010
DNS is assigned by my firewall, and passes my ISP's Public DNS servers to my LAN.  Both DNS servers work on multiple machines on my LAN, and both get assigned to my Mac.  /etc/resolve.conf also gets updated correctly and matches what shows up in System Preferences/Network.

Ping works only by IP (example 207.172.3.8), but not by names.
Ping works when you use localhost
Ping works with other entries in the local HOSTS file
Network Utility works with IP (example 207.172.3.8)
Network Utility does not resolve www.google.com

@strung
No proxies are set.  I went through all network connections and tried from WLAN and LAN.
No proxies are set with any browser.
Manually set DNS servers do not work, even googles as you suggested (remember NSLOOKUP and DIG do work)
dscacheutil -flushcache from terminal did not fix the problem.
ASKER CERTIFIED SOLUTION
Avatar of Mac2010
Mac2010
Flag of Netherlands image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Long shot, but try temporarily renaming the Hosts file and restarting just in case something in there is killing the DNS.
Avatar of ckunkle

ASKER

I added one entry in the hosts file (host.domain.local) to resolve a host through a VPN tunnel.  I deleted the hosts file, rebooted, and that did not solve the issue.
Is the VPN turned off?
Avatar of ckunkle

ASKER

Depends on what access point I am connected to.  The SonicWALL has the VPN tunnel, the Verizon FiOS does not.  Neither work.

I have my MacBook at work now...it still doesn't work.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ckunkle

ASKER

I did a clean install and repartitioned the drive to get rid of boot camp while I was at it.  Everything is working.  Data restored from a SuperDuper backup.
Sweet.
Another thought was to look at the DNS entries in Network Preferences. If you did did it have your ISP DNS IPs? Either way glad you got everything back to normal!
Avatar of ckunkle

ASKER

Network Preferences changed depending on what AP I was attached to a the time.  If I was attached to my SonicWALL, it was 207.172.3.8 and 207.172.3.9.  If I was attached to my Verizon FiOS wireless router, it was 192.168.1.1 (really forwarding to 71.252.0.12).

Either way, DNS did not resolve.  NSLOOKUP worked, even using what was supplied in Network Preferences, but the system still could not ping or browse the Internet.  That's why I suspect mDNSResponder service was messed up, but NSLOOKUP still worked.
Avatar of ckunkle

ASKER

The solution was partially right.  I reinstalled the OS, but not be the methods they proposed.