Mac not resolving DNS

Hi,
   Are you getting IP from DHCP.
What is your gateway address.
you should be getting IP of 10.1.1.1 subnet 255.255.255.0 gw 10.1.1.x

can you ping your router/gateway from your mac at all

I would suggest you go back to DHCP.

You say you get unknown host when you ping apple.com.

What happens when you ping Apple.com's IP address, 17.142.160.59 ?

Also try a trace route to 17.142.160.59

Will http://17.142.160.59 open in a browser?

In the Mac's network prefs, make sure nothing is checked in the Proxies tab.

Open the console and see if any error messages are being thrown up when you do this.

Hmm. 17.42.160.59 isn't the best example as ping is turned off on it.
However on IPs that do ping I get a ping response.

The Mac Mini does pick up fresh IPs from the DHCP server (that are correct and valid) when I switch it from Static.

The GW is correct otherwise I wouldn't be able to ping 8.8.8.8 etc.

The Windows machines still and have always worked.

It's an issue with the way the Mac is resolving the DNS requests in some form.

What would you recommend me to try next?

This is a problem I have never seen before, so I am puzzled. Have you checked the console logs for clues?
Also, check the Mac firewall and the proxy settings in the Network prefs.

How are you connecting to the internet? Is there any possibility that your router or server is blocking internet access for Macs?

Are you logged into the Macs using an Admin account?

Agreed, this is indeed weird.

The router (DrayTek 2860) can ping 8.8.8.8 and news.bbc.co.uk.
The Mac Mini can ping 8.8.8.8 but not news.bbc.co.uk.

If I traceroute either I just get the first link resolving to the Default Gateway.

traceroute 8.8.8.8 (8.8.8.8), 64 hops, 52 byte packets
1 192.168.0.1 etc
2 * * *
3 * * *
etc

traceroute news.bbc.co.uk
traceroute: Warning: news.bbc.co.uk has multiple addresses; using 2.2.58.244.56
1 192.168.0.1 etc
2 * * *
3 * * *
etc

Admin and Guest users report identical results.

No proxies ticked, entry of *.local, 169.254/16

This EE thread:  https://www.experts-exchange.com/questions/28355077/Windows-domain-name-resolution-issues-from-Mac-OS-X-10-9.html

suggests running the following two terminal commands:

sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

Why is your Mac Mini on 10.11.1 when your gateway is 192.168.0.1 ? Are you doing double NAT? Your Mini should be on the same subnet as the gateway.

That's the version of the O/S - El Capitan, ;-)
Will run those two commands late this evening - very many thanks for all your help.

Here are some suggestions specific to El Capitan:

http://osxdaily.com/2015/10/16/fix-wi-fi-problems-mac-os-x-el-capitan/

Ping is not a good test as icmp is often blocked.
Nslookup www.google.com?
On the draytek what is the wan versus the LAN ip? If they are on overlapping segments, that will be your issue.
WAn 10.1.1.0/24
LAN 10.1.1.0/24
You may have double nat issue.

Getting there. Flushing the DNS means I can Ping the outside world. Need to check with NSLookUp later.

This worked.
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

However, browsers are not bring up web pages.
I have run DHCPFind to make sure there really is one DHCP server on the range (SBS 2011 server). The Router is on a fixed IP (192.168.0.1) and the external IPs are very different.

Any further ideas. Is there a more stringent DNS Flush that could be run? Should I run it again?

Go into the router settings and make sure that the router is not also providing DHCP.

It's isn't and it's not on IP6 either.

If I run a traceroute it only gives me the first line and then ***. Suspect the network settings are in a bad way. Are there any strong variants of the flush dns command I can use. Apologies, I am unfamiliar with low level fixes on a Mac.

A few things to try:

1. Boot the Mac in safe mode by booting while holding down the shift key. See if that makes a difference.
2. Create a new admin. user and boot into that user and see if that makes a difference.
3. Go to Apple Menu>About this Mac>Overview>System Report and go down the the Network section and copy and paste the details in the right window back here.
4. Go to: http://www.etresoft.com/etrecheck and download and run EtreCheck and post the report back here.

Also, to flush the DNS cache:

sudo killall -HUP mDNSResponder

This one is a longshot, but is it possible someone has tinkered with the hosts file on the Mac?

Download, install and run the freeware TextWrangler:  http://www.barebones.com/products/textwrangler/

Then in Finder pull down the GO menu to Go To Folder and enter:

/etc

In the /etc folder, locate the Hosts file. Right-click on it, choose Get Info and choose Open in Textwrangler and check the box to always use Textwrangler as the default application.

Copy the contents of the hosts file and post the results here.

If you're going to try safe mode, you might as well try resetting the SMC and the PRAM too.

Have you actually tried the nslookup commands as Arnold previously suggested?  That may possibly narrow down what the problem might be.

nslookup www.google.com
nslookup www.google.com 8.8.8.8
nslookup www.google.com 74.74.74.74

Very many thanks for that swathe of advice. I'll only be able to test it on Monday so will report back then. Apologies for the hiatus.

Right,

1. sudo killall -HUP mDNSResponder  seems to have made no difference although it is just the type of thing I would have thought was requird.

2. hosts reads
    127.0.0.1 localhost
255.255.255.255 broadcasthost
::1       localhost

Seems inoquocuous to me

3. Googling nslookup www.google.com returns a Non-authorittative answer :-)
 Doing  nslookup www.google.com 8.8.8.8 returns connection timed out; no servers could be reached
 nslookup www.google.com 74.74.74.74 ditto

Do these answers supply any further, albeit subtle, clues.

The hosts file looks okay. So its not that.

I don't believe I got an answer to a question I asked earlier:

Will http://17.142.160.59 open in a browser? It should open Apple.com. If it doesn't, then your problem is not DNS, but a lack of internet connectivity.

No and neither does the App Store/Update show any sign of life.

I can ping/nslookup selectively from the Mac and the network works for the windows machine running at about 40Mbps download.

So, if your web browser won't browse by IP, then your problem is not a DNS problem but a general connectivity problem.

Are any of the Macs laptops? If so, could you try and see if they work when connected to an network other than your office one.

Are all the Mac's configured identically? Could you download and run etrecheck http://www.etresoft.com/etrecheck and post the results back here.

Could you post a screen shot of your Network prefs main page and the TCP/IP,  DNS  and PROXIES tabs?

I've been reading through this thread and I have to admit that I think I'm missing a thing or two here.  Everything that has been suggested sounds like it ought to have solved the problem.  Would it be possible to post a diagram of the macs' network connectivity and as a comparison, a similar one for the PCs?

If there are any extra networking boxes between the outside world and your Macs, one suggestion would be to bypass them so as to make the Macs peers with your PCs.  Then try the same tests.

@Tim, I wonder if we have a double-NAT situation here?

@strung:
It's quite possible and is one reason why I wanted to see a diagram.  

Sometimes it's not obvious which piece of networking equipment is doing what until the map is laid out in black and white.  All it would take to mess things up would be - for example - a Time Capsule or other smart device handing out unwanted and bogus DHCP leases.

Sorry but the diagram is horribly simple. Yes there is a switch or two in there but they are all on open broadcast, and the PC and the Mac Mini plug into the same switch.

Internet-Supply---Home.tif

Sorry couldn't find a different image for the Mac ;-). I will run etrecheck later this evening and upload.

Is DHCP turned off on the router?

Also, on the off chance that someone has installed a time capsule without telling you, run a scan from a Mac using Airport Utility and see if it finds anything.

Also could you try physically swapping a Mac and a PC to see if the problem is Mac specific or specific to a network node?

DHCP is only on from the server. Have run DHCPfind to prove this.
Here's the etrecheck file for the Mac that isn't working.
EtreCheck-version.docx

According to EtreCheck, your Mac has the Geneio/InstallMac malware. This is not likely causing your problem, but it should be removed:

http://www.thesafemac.com/arg-genieo/

https://support.apple.com/en-us/HT203987

From the EtreCheck, it looks like you are running two different anti-virus programs at the same time - Avast and Vipre. You should run one or the other. It is possible that they are interfering with each other. I am not familiar with Vipre. Is it possible that it has a firewall that is blocking your internet access?

I would try, temporarily at least, disabling or uninstalling both.

It appears that you are also running a fan control program called TG Pro from Tunabelly software. This probably has nothing to do with your problem, but I think it is unwise to use software that interferes with your Mac's automatic temperature control.

You are also using something called Avast Secureline which I understand to be a VPN product. This could possibly causing your problem if it cannot connect to its designated VPN service.

Etrecheck also shows that Time Machine is backing up to a 2 TB drive. Am I correct in assuming that this is a USB connected local drive or an NAS and not a Time Capsule?

I think it would still be worthwhile to swap positions between the Mac and a working PC to rule out a network node problem.

TuneUpMyMac is another piece of malware on your computer that should be removed:

https://www.sophos.com/en-us/threat-center/threat-analyses/adware-and-puas/TuneupMyMac.aspx

Hmm, the machine was working with all that gubbins before...
Have removed Vipre and without being able to download no sure how to download the Genio destroyer.
Avast has also been turned off.

Have flushed the DNS a few more times with sudo killall -HUP mDNSResponder  and there were flickers of sanity from the machine. As Safari did have the decency to give me a timeout explanation, attached, that might give the game away.

I believe it's a network/DNS style issue.

How can I download the latest drivers for the Mac Mini (2011) to another machine and then reinstall them in here?

Very many thanks all your help and persistence. This is beyond the call of duty.
Safari.docx

I really don't think it is a driver issue.  It is more likely a network issue. Try moving the Mac to a location where you now have a working PC and connect the Mac there and see if it works.

A couple of other things you could try on the Mac:

1. Try doing a safe boot by booting while holding down the shift key and see if the Mac then connects to the internet. If it does, then the problem is some sort of startup item and we can work from there.

2. If that does not work. Create a new admin user and reboot into the new admin user profile.

However, I still would like to see what happens when you try to connect the Mac to the PC side of your network.

OK, so back to the network it is:

I concur with the idea of swapping the machines to see if network location has anything to do with it.  

As well, could you post a the network config of a PC and a Mac as they are now (i.e. before swapping) to see if there are any obvious differences?  A screenshot from each will do.

Have you tried the tips shown on the OS X daily link (posted by strung early in this thread) to reset your network prefs?  There a bunch of ".plist" files that need to be removed.

When you post the Mac Network configs, please post a screen shot of the opening page of the Network Prefs, plus a screen shot of the following tabs in the Advanced screen:  TCP/IP, DNS, Proxies.

Also, on the Mac it would be helpful if you did the following:
Pull down the Apple Menu to About this Mac, then go to System Report. Expand the network section and copy and paste the contents to a message here.

By the way, the EtreCheck showed that Vipre was using up 46% of your CPU cycles.

Will do. Probably post an update early tomorrow morning (18 hours).

Very many thanks. The latest update on the saga...

1. Creating and logging in as a new Admin user made no different.
2. Couldn't start in safe mode - will bring back Apple keyword later.
3. Rerun etrecheck - attached
4. Network screenshots - attached
5. Used Ethernet cable from working PC and made no difference.

It feels as if the network is there but the pipe is so constricted anything worthwhile times out, nut explains why Ping/NSLookUP works but traceroute times out.

Is there anyway I can get hold of the network drivers and re-install them? Not sure how to do this on a Mac.
EtreCheck2.docx
Screen-Shot-2015-11-11-at-13.09.00.png
Screen-Shot-2015-11-11-at-13.09.09.png
Screen-Shot-2015-11-11-at-13.09.15.png
Screen-Shot-2015-11-11-at-13.09.26.png
Screen-Shot-2015-11-11-at-13.09.30.png

From the EtreCheck, you still have Vipre, Avast and Geneio running.

Try this. Open Activity Monitor (found in /Applications/Utilities) and use it to kill any processes that look like they are related to any of the above products. Then see if you can access the internet.

Thanks for the screen shots. They do not look untoward, but you posted the WINS tab twice and not the Proxies tab.

Can you post the equivalent screen shots for a working PC?

P.S. also please post a screen shot of your Activity Monitor window.

BTW, did you check to make sure the Mac firewall is turned off in System Preference>Security & Privacy?

Apologies, I suspect I uploaded the original etrecheck log. Vipre/Genrio etc weren't running but AvastVPN was. I killed it and made no difference. Here's the current etrecheck log and activity monitor screen shots. The interesting one is the network activity that does exist and is minimal. My suspicion is that it's a network drive issue...  

Can I download the network part from anywhere and reinstall it or flush it to factory settings?
EC3.docx
Screen-Shot-2015-11-11-at-16.36.59.png
Screen-Shot-2015-11-11-at-16.37.10.png
Screen-Shot-2015-11-11-at-16.37.22.png
Screen-Shot-2015-11-11-at-16.37.27.png
Screen-Shot-2015-11-11-at-16.38.01.png

By the way, on the Mac you can create screenshots of part of the screen by command command-shift-4 instead of command-shift-3. This will turn the cursor into a cross-hair. Place the cross-hair at the top left of the area you want in your screen shot, then drag to the bottom right of the part you want in the screenshot and release.

This is really strange. As mentioned above, please check to make sure the Mac Firewall is disabled.

Also, please post screen shots of the network settings from a working PC so that we can compare them to the Mac's settings.

It may be that you are going to have to take the Mac offsite to see if it will connect to a different network, say your home network. If it does not connect at home, the problem must be software related and I would suggest a system re-install.

Are you connecting by wifi or ethernet, by the way, or have you tried both?

Sorry, to directly answer your question, re-installing network drivers is a PC type of thing that does not translate to a Mac troubleshooting procedure. Because Mac software does not run on hardware other than Apple hardware, there is no need for hardware specific drivers. The Mac network drivers are just part of the OS and drivers are not separately available.

Is there any possibility that your server or router have MAC address filtering turned on and are rejecting the Macs for that reason?

Please reinstall the OS.

Back up your data.
Boot into recovery mode by holding command r when starting up.
Select Recovery Mode.

This should not delete your user profile or your apps, but it's always best to back up data whenever doing an OS recovery.

The recovery should reinstall all your OS files and not interfere with settings.

If that doesn't work, and you still have the malware/adware/spyware installed, I suggest you backup your data and delete the partition before you reinstall the OS.  You will wipe your entire disk and you will have to reinstall all your apps.  This is generally the standard procedure for Windows viruses, but it appears that you have installed some adware/spyware.

Geez strung,  you answered 4 times while I was drafting my one message.  I wish I had the free time that you have. :)

The joys of being retired!

In the original question, you mentioned that the mac mini is on 10.11.1.

In your screen capture, it shows
192.168.0.111  IP
192.168.0.1  Gateway
192.168.0.2  DNS

Why are you on a different subnet?  Is that supposed to be on a different subnet?  Did it work before on those IPs?  Are those actually correct?

@Serialband: I made the same mistake earlier. 10.11.1 is the version of the operating system, not the IP address.

Can you ping the Gateway?  Can you ping the DNS?  Is the DNS actually correct?

Compare that to the Windows systems you have.  Do they have the same Gateway and DNS?

I'll take the Mini into work on Monday and report back then. So let's take a break from this issue for a little while.

Very many thanks for your help and persistence.

Good enough. Talk to you on Monday. Have a nice weekend.

Gentlemen, some good news. Took offending Mac Mini to work and put on high speed SDSL connection on a new range and worked perfectly, although there was a little stuction to start with.

Will take it home and try again.

Suspect something very obscure with router. Failing that a reinstall beckons.

Thank you so much for your help and patience with this one.

Support miles beyond the call of duty - thank you so much.

I can think of several possibilities that have to do with your network rather than your Mac.

Do you have any managed switches between the main internet connection and the Mac? If so, check to make sure they have Spanning Tree Protocol turned off.  Macs don't support it.

Also check to see if there is any security on the managed switches. They can potentially be set to not allow unknown devices to connect to the internet.

There is alway the possiblity of a bad cable or connection.

What I would to is to plug the Mac straight into your router and see if it works. Then move back up the chain node by node until you find out where the connection stops.

Apologies for the delay in this final reply. I got hold of a 50' Ethernet cable from work and jumped the Mac Mini straight into the router and still no joy.

At least we know where the issues lie.

Once again thank for so much for your persistence in dealing with this rogue issue.

Try one more thing - while connected with the 50' cable, try this:

Open the Mac Network Utility. (You can use Spotlight to find it, but it is hidden in /System/Library/CoreServices/Applications), click on the Info tab, make sure you have the ethernet interface selected, and check for Send Errors, Receive Errors and Collisions. (All should be zero).

Is this actually solved, or not?

Doesn't sound like it is to me. I am suspicious of the cabling. The Mac has gigabit ethernet. The PC's may be only 100BaseT. Gigabit ethernet is a lot fussier about cabling. That might explain why the PC's work and the Macs don't.

That is why I asked Ed to use Network Utility for send and receive errors and collisions.

I had exactly this problem years ago, but at that time the Mac was 100BaseT and the PC was 10BaseT. The PC would connect fine, but the Mac wouldn't. I traced the problem to a miswired 70' cable. Whoever crimped the ends didn't realize the importance of proper pinouts.