BACK_TO_FEEDAICRIER_2
macOS 26.3.1 breaks custom /etc/resolver DNS
OPEN_SOURCE ↗
HN · HACKER_NEWS// 23d agoNEWS

macOS 26.3.1 breaks custom /etc/resolver DNS

ANNOUNCEMENTPRODUCTGITHUB

A GitHub gist documents a regression in macOS 26.3.1 where `/etc/resolver/` entries stop working for non-IANA or private TLDs such as `.internal`, `.test`, and `.home.arpa`. The report says `mDNSResponder` intercepts these lookups as mDNS, never forwards them to the configured unicast nameserver, and leaves common local-dev setups like `dnsmasq` unreachable even though `scutil --dns` still shows the resolver configuration as present.

// ANALYSIS

This is the kind of “looks fine in the settings, fails in production” bug that burns developer trust fast.

  • If the report is accurate, the breakage hits a core macOS developer workflow rather than an edge case: local DNS, Docker name resolution, VPN tooling, and private test domains all depend on `/etc/resolver/`.
  • The most concerning part is the silent failure mode: the resolver appears registered, but queries are hijacked before they ever reach the configured nameserver.
  • The workaround described is blunt and operationally painful: `/etc/hosts` entries, which do not scale for dynamic environments.
  • The issue seems especially bad for reserved namespaces like `.test` and `.internal`, because those are exactly the domains developers expect to work with normal DNS plumbing.
  • If Apple treats this as a regression in `mDNSResponder`, the fix likely needs to restore unicast resolver precedence for custom/private TLDs.
// TAGS
macosdnsnetworkingmdsnsponderresolverdnsmasqdockerlocal-developmentbug

DISCOVERED

23d ago

2026-03-19

PUBLISHED

23d ago

2026-03-19

RELEVANCE

9/ 10

AUTHOR

adamamyl