Leo's Blog About knowledge which needs to be conserved somewhere

Problem With Mac Os Mavericks and Ipv6 Mdnsresponder

2 min read AAAA Chrome DNS IPv6 MacOS Mavericks mDNSResponder Safari

IPv6 is the successor of IPv4 and many parts of the Internet are dual-stack. Therefore, they can handle connections with both protocols. Due to exhausted IPv4 address space, in the near future devices will only get IPv6 addresses. Currently the Internet is in transit from v4 to v6.

I recognized a very strange behavior with my IPv6 configuration and MacOS X 10.9 (Mavericks). The problem was that my Mac had an IPv6 tunnel to enable dual-stack configuration but Firefox was not able to resolve IPv6 domains. As a result I was not able to access ipv6.google.com which is IPv6 only (Server not found).

Server not found message

What was the reason? Is there a faulty dual-stack configuration? No! Pinging ipv6.google.com was successful. Further tests showed:

Now what is the reason for that? The next step was to use Wireshark and analyze network traffic. When entering URL in Firefox or Safari no AAAA queries were requested. Therefore, the IPv6 address was not known to Firefox and Safari.

I first thought this is a general problem with MacOS but this is not the case. Friends of mine with similar configuration do not have any problem. Hmmm…. very strange.

Why is DNS handling different?

I found the answer after endless searching in the following Apple discussion forum and Sixxs forum. The reason is that Firefox and Safari use MAC OS mDNSResponder daemon to resolve IPs. Chrome has an own implementation for resolving DNS queries. And this mDNSResponder behaves differently depending on type of IPv6 configuration. It seems that

  • IPv6 Tunnel (6in4): mDNSResponder does not resolve IPv6 addresses
  • dual-stack: mDNSResponder resolves everything fine

The above is simplified. I found different tunnels which behave not the same.

  1. OpenVPN Tunnel: tun0 is created. No ipv6.google.com connection with Firefox
  2. Cisco VPN connection: utun0 interface is created. All works fine.
  3. he.net tunnel: gif0 interface is created. No ipv6.google.com connection with Firefox

I don’t know for sure why Apple is doing it this way. But it is definitely not the best way.