I have always used BIND on OSX to provide a local DNS resolver for my local development machines, particularly to facilitate virtual machines accessing my local dev environment.
Foolishly I decided to upgrade to OSX Mavericks overnight and it appears BIND is no longer installed - even when the command line developer tools are added.
Anyone have a suggestion of how to restore this functionality, or if the latest OSX has an alternative DNS solution in place?
Thanks, Steve
You can install bind with Homebrew: http://brew.sh/
Installing Homebrew and using it to installing bind seems the best route.
There are few little "gotcha's", so I put together this bash script to simplify it all.
1) Install Homebrew.
2) Save this file to your Mac as "ConfigureBrewBindOnOSX10_9.sh" and run it (sh ./ConfigureBrewBindOnOSX10_9.sh) , or run it's commands line-by-line by hand (if you want to see more detail as you go.
Contents of ConfigureBrewBindOnOSX10_9.sh
#!/bin/bash
# Last Updated: Jun 17, 2014
# camden@arrowtech.net
#
# Run as root or sudo the commands that need it as you go.
# 1) USE HOMEBREW TO INSTALL BIND
brew install bind
# 2) CONFIGURE BIND
# Create a custom launch key for BIND
/usr/local/sbin/rndc-confgen > /etc/rndc.conf
head -n 6 /etc/rndc.conf > /etc/rndc.key
# Set up a basic named.conf file.
# You may need to replace 9.10.0-P2 with the current version number if it is out of date.
cat > /usr/local/homebrew/Cellar/bind/9.10.0-P2/etc/named.conf <<END
//
// Include keys file
//
include "/etc/rndc.key";
// Declares control channels to be used by the rndc utility.
//
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.
//
// Default controls
//
controls {
inet 127.0.0.1 port 54 allow {any;}
keys { "rndc-key"; };
};
options {
directory "/var/named";
};
//
// a caching only nameserver config
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
logging {
category default {
_default_log;
};
channel _default_log {
file "/Library/Logs/named.log";
severity info;
print-time yes;
};
};
END
# Symlink Homebrew's named.conf to the typical /etc/ location.
ln -s /usr/local/homebrew/Cellar/bind/9.10.0-P2/etc/named.conf /etc/named.conf
# Create directory that bind expects to store zone files
mkdir /var/named
curl http://www.internic.net/domain/named.root > /var/named/named.ca
# 3) CREATE A LuanchDaemon FILE:
cat > /System/Library/LaunchDaemons/org.isc.named.plist <<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<false/>
<key>EnableTransactions</key>
<true/>
<key>Label</key>
<string>org.isc.named</string>
<key>OnDemand</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/usr/local/sbin/named</string>
<string>-f</string>
</array>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
END
chown root:wheel /System/Library/LaunchDaemons/org.isc.named.plist
chmod 644 /System/Library/LaunchDaemons/org.isc.named.plist
# Shutdown bind (if it was running)
#launchctl unload /System/Library/LaunchDaemons/org.isc.named.plist
# Launch BIND and set it to start automatically on system reboot.
launchctl load -wF /System/Library/LaunchDaemons/org.isc.named.plist
Let me know if you need any help, I've successfully configured this on quiet a few machines.
Install BIND9 using Homebrew. The current brew install isn't as complete as I'd like, so when I ran into this issue myself, I updated the brew file to generate initial config files (to match the system install in Mountain Lion) as well as include a launchd plist.
Though my changes haven't been merged in yet, you can see the updated file here: github.com/mxcl/homebrew/pull/23598 Use brew edit bind to open the formula for BIND, and copy in my forked version, save, and reinstall with brew using brew install bind.
Men & Mice is offering BIND installers for free at http://support.menandmice.com/download/bind/macosx/10.9-Mavericks/
MacOS X 10.4 (PPC), 10.5/10.6 (x86) and 10.7/10.8 (and new) 10.9 (x86_64)
Here is my recommendation for a basic "/etc/named.conf" file for BIND 9.9.4. Many basic configuration recommendations in the Internet and templates from BIND installations in Linux/BSD distributions have not been updated to recent updates in BIND and are not optimal (although they continue to work)
// BIND named.conf caching only DNS server
// configuration file for
// BIND 9.7 and up
options {
// set the DNS servers "home" directory
// all files with relative path names
// will be read or written from this
// directory
directory "/var/named";
// disable query-logging on start
// query-logging can be enabled using
// "rndc querylog"
querylog no;
};
// automatic empty zone for the "localhost" name
zone "localhost" IN {
type master;
database "_builtin empty . nothing.invalid.";
};
// logging template for a caching DNS server
logging {
channel syslog { syslog daemon; severity info; };
channel security { file "security.log" versions 10 size 50M; print-time yes; };
channel query_log {
file "query.log" versions 10 size 50M; severity debug; print-time yes;
};
category general { syslog; };
category security { security; };
category queries { query_log; };
category dnssec { security; };
category default { syslog; };
category resolver { syslog; };
category client { syslog; };
category query-errors { query_log; };
category edns-disabled { syslog; };
};
Some comments:
if no "control" block is defined, the defaul control statement is being used. The default control configuration is
controls { inet 127.0.0.1 allow { localhost; } keys { rndc_key; }; };
never specify "query-source" with an port number for an caching DNS server (I would prefer not to see it even it commented out, someone might enable it and create a security hole), it is a security risk (it disables UDP port randomization abd therefor enables easy DNS cache spoofing)
Try this http://blakeembrey.com/articles/local-development-with-dnsmasq/
It worked well for me after installed mavericks.
Bind is installed in Mavericks. Just files have moved. You can find all the zone files in /Library/Server/named/.
Apple actually have done a good job going for a more compliant implementation compared to 10.6.8.
It's easy to modify the files by hand.
My $0.02
LL
I used to use a local DNS server running on the MAC until I discovered DNSMasq on DD-WRT
I setup a DD-WRT router for my LAN and WIFI and then used the DNSMasq feature of DD-WRT to list all entires that should map to development machines.
Log into your DD-WRT router:
Under Services, Enable DNSMasq
Under "Additional DNSMasq options" list each entry you want to mask:
address=/[url]/[ip]
Examples:
address=/www.dev.mysite.com/192.168.1.10
address=/photos.dev.mysite.com/192.168.1.11
address=/static.dev.mysite.com/192.168.1.12
This is almost like running your own DNS server on the router just for local addresses but without the overhead.
This way I can connect to local development machines via the LAN and all mobile devices via WIFI without much hassle.
Advantages:
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 闹够了就滚 的文章《OSX Mavericks - BIND no longer installed… how to g》','https://www.manongdao.com/article-533852.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}