Local DNS on MacOS X for developers¶

Sometimes you have the need of local DNS names. Typical this is in local development of VM's or kubernetes services.

The common method we are all using is to make entries in /etc/hosts.

I don't like this for a couple of reasons:

• it's easy to blow up the file and get problems after your next reboot
• this file is root only, though you have to edit it with sudo :-(

There should be a better way!

Solution¶

• Mac OS X resolver is capable to use multiple DNS servers very easily.
• There's a very lightweight and easy to configure DNS server: dnsmasq

Implementation¶

1. Install dnsmasq with homebrew: brew install dnsmasq

2. configure it:

   cp /opt/homebrew/etc/dnsmasq.conf  /opt/homebrew/etc/dnsmasq.conf.orig
   echo "conf-dir=/opt/homebrew/etc/dnsmasq.d/,*.conf" | tee /opt/homebrew/etc/dnsmasq.conf
   

3. generate at least one DNS file in /opt/homebrew/etc/dnsmasq.d/:

   local.conf:

   # 192.168.50 is my local WLAN
   # for customer VM's (macbook air)
   address=/testvm1.local/192.168.50.47
   address=/testvm2.local/192.168.50.152
   address=/testvm3.local/192.168.50.32
   # testvm has 3 addresses
   address=/testvm.local/192.168.50.47
   address=/testvm.local/192.168.50.152
   address=/testvm.local/192.168.50.32
   # 192.168.205 is UTM.app local
   # local machines here
   address=/alma-arm-vm.local/192.168.205.7
   address=/alma-intel-vm.local/192.168.205.8
   # 192.168.254 is VMWare Fusion local
   address=/almavm.local/192.168.254.129
   

   pflaeging.net.conf:

   # 192.168.254 is VMWare Fusion local
   address=/gubernat1.pflaeging.net/192.168.254.130
   address=/ms1.pflaeging.net/192.168.254.131
   # this is a wildcard
   address=/.gubernat1.pflaeging.net/192.168.254.130
   # 192.168.50 is my local WLAN
   # gubernat VM's on MacBook Air
   address=/rhel9-gubernat.pflaeging.net/192.168.50.173
   # this is a wildcard
   address=/.rg.pflaeging.net/192.168.50.173
   

4. start your dnsmasq service: `sudo brew services start dnsmasq``

5. make Mac OS ready for a custom resolver: sudo mkdir -p /etc/resolver

6. set a pointer to your new resolvers and make them in high priority:

   contents of /etc/resolver/local (filename equals domain!):

   nameserver 127.0.0.1
   search_order 1
   

   Then create a file for each domain you configured above with the same content.
   (in this use case it would be /etc/resolver/pflaeging.net)

7. to be sure everythings working kick the original resolver and clean the caches:

   sudo dscacheutil -flushcache
   sudo killall -HUP mDNSResponder
   

8. when I change or add things in my dnsmasq config I'm restarting the dnsmasq job. This is not required but the easiest way: sudo pkill dnsmasq

Debugging¶

• Show resolver config: scutil --dns
• Query the DNS resolver from the commandline: dscacheutil -q host -a name myfunnyname.domain.net
• Query the local dnsmasq instance: dig myfunnyname.domain.net @localhost