macOS 26 (Tahoe) introduces a regression where mDNSResponder silently intercepts DNS queries for custom or non-IANA TLDs (e.g. .internal, .test, .lan, .home.arpa) and handles them as mDNS, completely bypassing any unicast nameserver configured in /etc/resolver/. This breaks the long-standing macOS per-domain DNS resolver mechanism used by developers running dnsmasq, CoreDNS, or similar local DNS servers. The failure is silent — scutil --dns shows the resolver as registered, but no DNS traffic ever reaches the local nameserver. Affected workflows include Docker container DNS, Kubernetes local dev tools (minikube, kind), Tailscale, Vagrant, and VPN clients. The only current workaround is manually adding entries to /etc/hosts. The bug has been filed with Apple Feedback Assistant.
Sort: