Thanks. I was able to restore the source-built 9.18 version I had built but
then deleted when I moved to MacPorts and it has the same behavior so a BIND
9.18 issue and nothing to do with MacPorts. I’ll post about it in the BIND
mailing list.
--
Larry Stone
lston...@stonejongleux.com
> On
The bind9 port doesn't patch this behavior (if you look at the port, there's a
configure patch because upstream uses broken glibtool and an atomics patch to
allow building w/ older clang versions), so it's almost certainly due to an
upstream change.
> On Jun 26, 2022, at 8:23 AM, Larry Stone
Good observation. Still, what the MacPorts version of dig is doing is not the
default (or at least hasn’t been (see next paragraph) as I mentioned in my
first post, I used to build BIND from source).
But one other thought I just had is it’s a change with the latest version of
BIND. The Apple
Perhaps this message when using /usr/bin/dig without +short might be the
answer…?
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
I guess the MacPorts version considers this a security issue?
> On
Looking at both with Wireshark, it looks like both send the query (and the
Ethernet packet in both cases appears to be multicast, as it should be) and get
the response. But it seems the MacPorts one doesn’t “hear” the response.
Looking at dtruss output for both, it looks like the Apple version