Check out your DNS configuration using $ scutil --dns . Resolver #1 is what is handling my DNS lookups, #2 handles the .local domain. Resolver #3 is the reverse lookup for the 169.254 APIPA address space, and so on.
jason@jmbp15-ati ~> scutil --dns 18:10:04
DNS configuration
resolver #1
search domain[0] : home
nameserver[0] : 8.8.8.8
flags : Request A records
reach : 0x00000002 (Reachable)
resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300000
resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300200
[...]
resolver #8
domain : ds
nameserver[0] : 10.7.0.1
flags : Request A records
reach : 0x00000002 (Reachable)
DNS configuration (for scoped queries)
resolver #1
search domain[0] : home
nameserver[0] : 8.8.8.8
if_index : 4 (en0)
flags : Scoped, Request A records
reach : 0x00000002 (Reachable)
Resolver #8 is what I have added to resolve a custom TLD “ds”.
To add an additional resolver to a Mac, create a directory at /etc/resolver.
sudo mkdir /etc/resolver
For each domain that you want to hit a specific nameserver, create a file with the name of your desired domain and a nameserver line (or lines) in the file. For my internal domain I used the following command:
echo '10.7.0.1' > /etc/resolver/ds
Now, when I run scutil --dns again I see my newly created resolver:
resolver #8 domain : ds nameserver[0] : 10.7.0.1 flags : Request A records reach : 0x00000002 (Reachable)
Note; 10.7.0.1 needs to be a DNS resolver.
A quick lookup confirms that my configuration is doing what I want it to do. Another thing I discovered when looking into this is that dig and nslookup on OSX don’t use the OS resolver configuration.
$ dscacheutil -q host -a name sanfran.ds name: sanfran.ds ip_address: 10.7.0.100
And that’s it. If I want to configure forward or reverse zones to resolving using a specific nameserver on OSX it’s that simple.