There are times when macOS mucks with DNS lookups. For example, a corporate VPN client might tell macOS that DNS lookups for certain domains (i.e. domains inside the company) are to be handled differently.

The commands host and dig are pure DNS lookups. They evade macOS’s DNS mucking and do their lookups based on what’s on the command line and/or what’s in /etc/resolv.conf. They are unfiltered (unfetttered?) by macOS. For example:

1
2
3
4
5
$
$ host www.TomOnTime.com.
www.TomOnTime.com is an alias for ext-cust.squarespace.com.
ext-cust.squarespace.com has address 198.49.23.141
ext-cust.squarespace.com has address 198.185.159.141

That’s useful when you are trying to diagnose a problem with an external DNS server.


To do a DNS lookup the way a macOS app would see the world, use dscacheutil -q host -a name HOSTNAME. For example:

1
2
3
4
5
6
7
8
$
$ dscacheutil -q host -a name www.TomOnTime.com
name: ext-cust.squarespace.com
alias: www.tomontime.com 
ip_address: 198.185.159.141
ip_address: 198.49.23.141

$

This is useful when you are debugging your Mac’s DNS client, or an application issue.

Sometimes it is useful to compare the output of both commands to verify that things are working as expected.


I set up an alias because I can never memorize the command. For example:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
$
$ alias machost='dscacheutil -q host -a name'
$ machost the-cloud-book.com
name: the-cloud-book.com
ipv6_address: 2606:4700:3030::681c:83f
ipv6_address: 2606:4700:3033::681c:93f
ipv6_address: 2606:4700:3032::ac43:83eb

name: the-cloud-book.com
ip_address: 104.28.9.63
ip_address: 104.28.8.63
ip_address: 172.67.131.235

$ 

I found this trick on Stack Overflow’s Superuser.com site.

P.S. If you own a domain and maintain it using BIND, Route53, Google DNS, Azure DNS, or any of more than 2 dozen DNS platforms, consider using DNSControl to manage your zones “like code”. You’ll be surprised at how much it makes your life easier.