macOS (MacBookPro18,2) and iOS (iphone 11 pro) claims the DNS service in my router is flaky, occasionally displaying a dialog accusing me of being offline.
(no, this isn't MaxMSP for iPhone - just a youtube video, settle down...)
This doesn't happen often, but when it does, it's always just after a wake or unlock. The problem is more than cosmetic, though - when it occurs, I am actaully offline on that device until it decides that I'm online again. Usually it doesn't take long, perhaps because I generally don't take this news quietly... OR, maybe recovery is hastened by a background heuristic tasked with mitigating and sharpening the other heuristics, taking a page from the generative adversarial network design... Maybe that sounds far fetched, but I would certainly like to opt into "shake to over-rule the most recent heuristically motivated decision that occured in the last 10 seconds", if such a thing existed. Come on, 'shake to undo', get your shit together.
The log message in question says "DNS failure tell health status stage". After pouring through logs for too long, I'm still on the fence regarding this assertion. Here's a json representation of such a log event - you can get something similar by appending this to any log query: --style ndjson | egrep '^{' | jq
{
"traceID": 8513800077599572000,
"eventMessage": "DNS failure tell health status stage",
"eventType": "logEvent",
"source": null,
"formatString": "DNS failure tell health status stage",
"activityIdentifier": 0,
"subsystem": "com.apple.symptomsd",
"category": "rnf",
"threadID": 3872,
"senderImageUUID": "ACCA800C-3A01-334C-8DEA-750E5BE2342B",
"backtrace": {
"frames": [
{
"imageOffset": 110828,
"imageUUID": "ACCA800C-3A01-334C-8DEA-750E5BE2342B"
}
]
},
"bootUUID": "BB182976-681B-4A8C-9986-0021F4E87774",
"processImagePath": "/usr/libexec/symptomsd",
"timestamp": "2022-07-24 05:15:12.831784-0700",
"senderImagePath": "/System/Library/PrivateFrameworks/Symptoms.framework/Frameworks/SymptomEvaluator.framework/Versions/A/SymptomEvaluator",
"machTimestamp": 3787177568532,
"messageType": "Default",
"processImageUUID": "8B143AC5-E668-3FA9-A71A-699B34A40B1B",
"processID": 454,
"senderProgramCounter": 110828,
"parentActivityIdentifier": 0,
"timezoneName": ""
}
Today, my iPhone and MacBook Pro logged about DNS failures at more or less completely overlapped times (using 1 minute buckets) - although I was only interacting with one device at any of these times (I think).
| MacOS Count | iOS Count | Time |
|---|---|---|
| 4 | 0 | 14:19 |
| 11 | 2 | 14:20 |
| 7 | 2 | 14:21 |
| 6 | 5 | 15:11 |
| 2 | 9 | 15:12 |
| 7 | 16 | 15:26 |
Two other two macs on my network are having no such problems. Both are on ethernet with a manually configured DNS server address (which happens to be the same DNS server address vended to wireless clients via DHCP).
The other iPhone and iPad on this network also use a statically configured DNS server address, and neither has ever thrown the alert or experienced the effects of a flaky DNS server. HOWEVER, both did log this message a small number of times today (1 for the iPad, 4 from the other iPhone) - BUT the 4 messages from the iPhone that all happened in the same minute were a half hour away from the iPad's single log message.
Put this in your ~/.logrc:
predicate:
dnsfailure
'process = "symptomsd" and message contains "DNS failure"'
Now run a log command like this one to search across the last 24 hours and put the results in a file called
mac-dns-failures.txt
log show --last 24h --predicate dnsfailure > mac-dns-failures.txt
... or collect a sysdiagnose on your iOS device, pass the archive to your Mac, decompress the archive, then:
log show --archive path/to/iOS-device/system_logs.logarchive \
--last 24h --predicate dnsfailure > iOS-device-dns-failures.txt
Repeat the above for as many devices as you want to check, putting the results into a file whose name ends with -dns-failures.txt, then put the events into 1 minute buckets and count them:
for f in *dns-failures.txt
do
echo ${f} ; egrep '^\d' ${f} | cut -c12-16 | sort | uniq -c
done
Questions that might be supported using help from the Internet (that's you!) might be:
- Do you have multiple devices that log these messages around the same time, even if you're only using one of them?
- Can you assert that your DNS service is in fact not broken at the same time that one or more of your devices claims that it is?