macOS DNS Routing by Domain

Published Friday, Mar 26, 2021 by Tony Davis


I have been looking into a solution for using specific DNS servers for certain internal sudomains. These DNS servers are only available via VPN.

I don’t want all my queries to go trough this internal DNS resolver, because the my usual resolver blocks ads and trackers.

The solution is simple: to specify the resolver to use for a specific domain, create a file named after the domain in /etc/resolver/ and add the nameservers.


First make sure the /etc/resolver/ directory exists

macbook:~ user$ sudo mkdir /etc/resolver/

Create the domain file

macbook:~ user$ sudo vi /etc/resolver/

Add the nameservers to the file you just created

macbook:~ user$ cat /etc/resolver/

Now, all queries for will be resolved by

The caveat with this technique is that tools like dig won’t actually resolve domains like apps and will bypass this.


To make sure your config works you better use scutil –dns:

macbook:~ user$ scutil --dns
resolver #8
  domain   :
  nameserver[0] :
  flags    : Request A records, Request AAAA records
  reach    : 0x00000002 (Reachable)