DNS resolution in iOS 10 beta 2

I have my own DNS server that hosts a few zones (bar.local and foo.bar.local). After upgrading to iOS 10 beta 2, I noticed that whenever I attempt to reach a site behind one of these internal hostnames in Safari, I get a "server not found error". This same exact configuration was working in iOS 10 beta 1 (and iOS 9 for that matter).


Furthermore, using an app to test DNS queries (I used "IT Tools"), I found that DNS resolution for these internal hostnames works, but only if you use the FQDN. For example, if I look up "nagios" it won't work, but if I look up "nagios.bar.local", it works. I confirmed that the "domain search list" is being pushed to the phone via DHCP as expected by looking at the Wi-Fi connection properties page in Settings.


One more bit of info I discovered is that even using the FQDN instead of the shortname in Safari doesn't work, even though the DNS query succeeds (I confirmed by running a packet capture on my DNS server and I could see valid queries for "nagios.bar.local" with the appropriate answer from the DNS server). However, the page still immediately errors out and doesn't load due to the "the server cannot be found" error.


Anyone else experiencing similar issues after updating to iOS 10 beta 2?


My guess is that they changed DNS lookup behavior for domains with a ".local" suffix. For example, if you're running mDNS (avahi) on a more-or-less vanilla Ubuntu installation and you're trying to resolve "something.bar.local", it will fail before attempting to query the DNS server, since by default it tries to use mDNS (the resolution to this on Ubuntu is to change the order of DNS resolution in /etc/nsswitch.conf and instruct it to use "dns" first instead of "mDNS").


I'll do some more testing to see if it's truly related to the ".local" suffix if anyone is interested.


EDIT: After testing by creating a new DNS zone called "bar.mlocal" and setting the DNS search domain for the wifi network to "bar.mlocal", I'm able to access an internal site via shortname in Safari (https://pfsense which was successfully looked up as "pfsense.bar.mlocal")
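The nsswitch.conf ordering effect described in the post above, as an added example that is not part of the thread. It parses a `hosts:` line and reports whether a lookup ever reaches the unicast `dns` service. The two sample lines are constructed, and the behaviour of the mDNS module is a simplified assumption stated in the code.

```python
import re

# Constructed sample lines: the commonly shipped Ubuntu/avahi ordering, and the
# reordering the post suggests ("dns" ahead of mDNS).
STOCK = "hosts: files mdns4_minimal [NOTFOUND=return] dns"
FIXED = "hosts: files dns mdns4_minimal [NOTFOUND=return]"

# glibc defaults when a service has no [STATUS=action] override.
DEFAULTS = {"SUCCESS": "return", "NOTFOUND": "continue",
            "UNAVAIL": "continue", "TRYAGAIN": "continue"}

def parse_hosts(line):
    """Parse an nsswitch.conf hosts line into [(service, {STATUS: action})]."""
    db, _, rest = line.split("#", 1)[0].partition(":")
    if db.strip() != "hosts":
        raise ValueError("not a hosts line")
    chain = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", rest):
        if not tok.startswith("["):
            chain.append((tok, {}))
            continue
        if not chain:
            raise ValueError("action given before any service")
        for pair in tok[1:-1].split():
            status, _, action = pair.partition("=")
            chain[-1][1][status.upper()] = action.lower()
    return chain

def modelled_status(service, name):
    """ASSUMPTION (simplified model, not glibc or nss-mdns code): mDNS modules
    claim every name under .local and report NOTFOUND when no responder
    answers; other names are UNAVAIL to them. 'files' has no entry."""
    under_local = name.rstrip(".").lower().endswith(".local")
    if service.startswith("mdns"):
        return "NOTFOUND" if under_local else "UNAVAIL"
    return "NOTFOUND" if service == "files" else "UNAVAIL"

def reaches_dns(line, name):
    """True if the lookup chain gets as far as the unicast 'dns' service."""
    for service, actions in parse_hosts(line):
        if service == "dns":
            return True
        status = modelled_status(service, name)
        if actions.get(status, DEFAULTS[status]) == "return":
            return False
    return False

if __name__ == "__main__":
    for line in (STOCK, FIXED):
        for name in ("something.bar.local", "pfsense.bar.mlocal"):
            print(f"{line!r:55} {name:22} dns reached: {reaches_dns(line, name)}")
```

Under this model the stock ordering stops at the mDNS module for any `.local` name, while a zone such as `bar.mlocal` falls through to the DNS server.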

Confirmed, same issue: in beta 2, domain.local does not work. Safari connection to the IP works, ping works, and direct DNS resolves from the iPad, but Safari (and all other browsers on iOS 10 beta 2) fail.

It's not just Safari and browser that fail. Jump remote desktop client also fails to connect to domain.local on iOS 10 Beta 2. I reported this as a bug to Apple last week.


Regards,


Josh

It sounds like you aren't following the RFC requirements for the use of .local. https://tools.ietf.org/html/rfc6762

Just change the Wi-Fi DNS parameter to 114.114.114.114.

This will fix this problem.

I have tried free VPNs, CyberGhost, etc., many ways in a week.

None of them worked.

Thanks for the reply, but the point is I'm running my own DNS server with entries that aren't present on the internet, so I'd like to keep this setup.


What I ended up doing as a temporary solution is exporting all of the DNS records for "bar.local" to a new zone called "bar.mlocal". Then I changed my DHCP server settings so that for my phone specifically, DHCP will set the "search domains" setting to "bar.mlocal" only. This works and allows me to reach the servers via shortname (I'm still not able to reach the servers via FQDN though -- e.g.: "nagios.bar.local").


Hopefully this helps someone else.
