[macOS]: Observed NIMLOC DNS query in utun for Sonoma

Hi Team,

In Sonoma, we have observed NIMLOC DNS queries originating from the utun interface with identical destination and source addresses, causing a loopback within utun. How should these DNS queries be handled?

This issue does not occur in Ventura. Please refer to the attached screenshot.

Replies

Is this a UTUN interface that you set up?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

@eskimo: Yes, we have created this using

socket(AF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL);

To what end? Is this for a VPN product?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

@eskimo, Yes, it is a VPN product, and we are creating a utun interface to route all DNS traffic. There we observed a NIMLOC DNS query for Sonoma.

OK. There are limits to how much I can help you with this. DTS supports VPN products built using the Network Extension architecture. Once NE shipped, we stopped supporting older techniques [1] [2].

Coming back to your original question:

How should these DNS queries be handled?

It’s hard to give a good answer given that your product isn’t built on a solid foundation. However, my inclination is to simply drop these on the floor and see what breaks (-:

Based on the comments here, I suspect these are coming out of the NetBIOS client.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] This includes iOS’s semi-private VPN plug-in architecture and the ad hoc VPN techniques that were prevalent on earlier versions of macOS.

[2] Speaking of older techniques, I want to put in a plug for TN3165 Packet Filter is not API.
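
The following is an added example, not code from the thread or from Apple: one way a tunnel's packet loop could recognise these queries before dropping them, as the last reply suggests. It assumes the caller passes only the UDP payload, and it relies on NIMLOC being DNS RR type 32 in the IANA registry, the same numeric value as the NetBIOS name service NB question type (0x0020, RFC 1002). The function names and both sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DNS_HDR_LEN  12
#define QTYPE_NIMLOC 32 /* IANA DNS type 32; same value as RFC 1002 NB (0x0020) */

/* Constructed sample: NetBIOS-style name query, one question, QTYPE 0x0020. */
static const uint8_t NB_QUERY[] =
    "\x12\x34\x01\x10\x00\x01\x00\x00\x00\x00\x00\x00"
    "\x20" "CK" "AAAAAAAAAA" "AAAAAAAAAA" "AAAAAAAAAA" "\x00\x00\x20\x00\x01";
/* Constructed sample: ordinary DNS A query for example.com. */
static const uint8_t A_QUERY[] =
    "\x56\x78\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
    "\x07" "example" "\x03" "com" "\x00\x00\x01\x00\x01";

/* QTYPE of the first question, or -1 if msg is not a well-formed query. */
int first_qtype(const uint8_t *msg, size_t len) {
    if (len < DNS_HDR_LEN) return -1;
    if (msg[2] & 0x80) return -1;                 /* QR set: a response */
    if (((msg[4] << 8) | msg[5]) == 0) return -1; /* QDCOUNT == 0 */
    size_t off = DNS_HDR_LEN;
    for (;;) {                                    /* walk the QNAME labels */
        if (off >= len) return -1;
        uint8_t label = msg[off++];
        if (label == 0) break;                    /* root label ends the name */
        if (label & 0xC0) return -1;              /* pointer or reserved bits */
        if (label > len - off) return -1;         /* label runs past buffer */
        off += label;
    }
    if (len - off < 4) return -1;                 /* need QTYPE + QCLASS */
    return (msg[off] << 8) | msg[off + 1];
}

/* Hypothetical policy hook: 1 means "drop, do not forward or re-inject". */
int should_drop(const uint8_t *udp_payload, size_t len) {
    return first_qtype(udp_payload, len) == QTYPE_NIMLOC;
}

int main(void) {
    printf("NB query: drop=%d\n", should_drop(NB_QUERY, sizeof NB_QUERY - 1));
    printf("A query:  drop=%d\n", should_drop(A_QUERY, sizeof A_QUERY - 1));
    return 0;
}
```

Malformed or truncated payloads return -1 and are not matched, so the drop rule only fires on a well-formed query whose first question has type 32.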