I am running OSX 10.9.2 on my Mac Book Air.
I have my home network set up, with DNS provided by DNSmasq on a Ubuntu 13.10 server. This machine ("serv2") has an internal IP address of 192.168.2.4. I also make it available on the public internet, serv2.njj.chickenkiller.com, however, most of the posts are blocked by my firewall.
When my MacBook is connected to the local newtwork, if i give the dig command, the macbook correctly responds with the internal address:
beethoven:~ nick$ dig serv2.njj.chickenkiller.com
; <<>> DiG 9.8.3-P1 <<>> serv2.njj.chickenkiller.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37954
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;serv2.njj.chickenkiller.com. IN A
;; ANSWER SECTION:
serv2.njj.chickenkiller.com. 0 IN A 192.168.2.4
;; Query time: 61 msec
;; SERVER: 192.168.2.4#53(192.168.2.4)
;; WHEN: Tue Apr 22 22:12:33 2014
;; MSG SIZE rcvd: 61
However, my if I give a command relating to this host, my Mac typically attempts to use the external address for this machine:
beethoven:~ nick$ ping serv2.njj.chickenkiller.com
PING njj.chickenkiller.com (92.72.63.130): 56 data bytes
64 bytes from 92.72.63.130: icmp_seq=0 ttl=64 time=0.812 ms
If I clear the DNS cache, it will use the internal address for a few minutes:
beethoven:~ nick$ sudo killall -HUP mDNSResponder
Password:
beethoven:~ nick$ ping serv2.njj.chickenkiller.com
PING serv2.njj.chickenkiller.com (192.168.2.4): 56 data bytes
64 bytes from 192.168.2.4: icmp_seq=0 ttl=64 time=0.808 ms
Which is fine. However, if I wait 5 minutes and give the ping command again, it will revert to using the external address:
beethoven:~ nick$ ping serv2.njj.chickenkiller.com
PING njj.chickenkiller.com (92.72.63.130): 56 data bytes
64 bytes from 92.72.63.130: icmp_seq=0 ttl=64 time=0.812 ms
I really dont understand how my MAC is picking up the external address, when the DNS always returns the internal address.
Its also a right pain, because most of the services on serv2 are blocked by my firewall. For example my CUPS print server is hosted on serv2, but its also blocked by the firewall. The net effect of this is that I cant print.
Can you let me know if I am misunderstanding what is going on or is my MAC really doing something odd?
Many thanks
I have my home network set up, with DNS provided by DNSmasq on a Ubuntu 13.10 server. This machine ("serv2") has an internal IP address of 192.168.2.4. I also make it available on the public internet, serv2.njj.chickenkiller.com, however, most of the posts are blocked by my firewall.
When my MacBook is connected to the local newtwork, if i give the dig command, the macbook correctly responds with the internal address:
beethoven:~ nick$ dig serv2.njj.chickenkiller.com
; <<>> DiG 9.8.3-P1 <<>> serv2.njj.chickenkiller.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37954
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;serv2.njj.chickenkiller.com. IN A
;; ANSWER SECTION:
serv2.njj.chickenkiller.com. 0 IN A 192.168.2.4
;; Query time: 61 msec
;; SERVER: 192.168.2.4#53(192.168.2.4)
;; WHEN: Tue Apr 22 22:12:33 2014
;; MSG SIZE rcvd: 61
However, my if I give a command relating to this host, my Mac typically attempts to use the external address for this machine:
beethoven:~ nick$ ping serv2.njj.chickenkiller.com
PING njj.chickenkiller.com (92.72.63.130): 56 data bytes
64 bytes from 92.72.63.130: icmp_seq=0 ttl=64 time=0.812 ms
If I clear the DNS cache, it will use the internal address for a few minutes:
beethoven:~ nick$ sudo killall -HUP mDNSResponder
Password:
beethoven:~ nick$ ping serv2.njj.chickenkiller.com
PING serv2.njj.chickenkiller.com (192.168.2.4): 56 data bytes
64 bytes from 192.168.2.4: icmp_seq=0 ttl=64 time=0.808 ms
Which is fine. However, if I wait 5 minutes and give the ping command again, it will revert to using the external address:
beethoven:~ nick$ ping serv2.njj.chickenkiller.com
PING njj.chickenkiller.com (92.72.63.130): 56 data bytes
64 bytes from 92.72.63.130: icmp_seq=0 ttl=64 time=0.812 ms
I really dont understand how my MAC is picking up the external address, when the DNS always returns the internal address.
Its also a right pain, because most of the services on serv2 are blocked by my firewall. For example my CUPS print server is hosted on serv2, but its also blocked by the firewall. The net effect of this is that I cant print.
Can you let me know if I am misunderstanding what is going on or is my MAC really doing something odd?
Many thanks