OPEN LINK ↗
// 70d agoNEWS
macOS 26.3.1 breaks custom /etc/resolver DNS
A GitHub gist documents a regression in macOS 26.3.1 where `/etc/resolver/` entries stop working for non-IANA or private TLDs such as `.internal`, `.test`, and `.home.arpa`. The report says `mDNSResponder` intercepts these lookups as mDNS, never forwards them to the configured unicast nameserver, and leaves common local-dev setups like `dnsmasq` unreachable even though `scutil --dns` still shows the resolver configuration as present.
// ANALYSIS
This is the kind of “looks fine in the settings, fails in production” bug that burns developer trust fast.
- –If the report is accurate, the breakage hits a core macOS developer workflow rather than an edge case: local DNS, Docker name resolution, VPN tooling, and private test domains all depend on `/etc/resolver/`.
- –The most concerning part is the silent failure mode: the resolver appears registered, but queries are hijacked before they ever reach the configured nameserver.
- –The workaround described is blunt and operationally painful: `/etc/hosts` entries, which do not scale for dynamic environments.
- –The issue seems especially bad for reserved namespaces like `.test` and `.internal`, because those are exactly the domains developers expect to work with normal DNS plumbing.
- –If Apple treats this as a regression in `mDNSResponder`, the fix likely needs to restore unicast resolver precedence for custom/private TLDs.
// TAGS
macosdnsnetworkingmdsnsponderresolverdnsmasqdockerlocal-developmentbug
DISCOVERED
70d ago
2026-03-19
PUBLISHED
70d ago
2026-03-19
RELEVANCE
9/ 10
AUTHOR
adamamyl
