[HOWTO] - Speed up DNS lookups in OSX


Darkshadow
September 28th, 2001, 09:11 PM
This will explain how to speed up DNS lookups. This is useful for contacting servers much quicker than normal, plus not waiting around forever before a lookup fails. I would just like to note at the beginning here that this will not load web pages any faster, or let you download anything faster, but it will contact web servers & such much, much quicker than the default.

———————————————
Part 1 - Speeding up DNS lookups in NetInfo

I will be giving the commands to do this for the terminal. All of the commands I list must be run as root. Either use su to log in as root, or append sudo to the beginning of the commands.

First, we'll create the locations/lookupd "folder" that NetInfo uses (actually, lookupd uses, but anyway...). Note that if this already exists, it won't overwrite anything. This is just in case it doesn't exist yet.

niutil -create . /locations/lookupd

Next, we'll create another location for hosts:

niutil -create . /locations/lookupd/hosts

Next, we add some parameters for hosts - this will basically be telling lookupd to not validate the cache for hosts, and to time out after 30 seconds if there is no response:

niutil -createprop . /locations/lookupd/hosts LookupOrder CacheAgent NIAgent DNSAgent NILAgent
niutil -createprop . /locations/lookupd/hosts Timeout 30
niutil -createprop . /locations/lookupd/hosts ValidateCache NO

Now we create a few more locations for the agents DNSAgent and NILAgent. DNSAgent is the DNS lookup, of course, and NILAgent is sort of a negative reply agent - any search that doesn't come up with a result will be remembered by NILAgent, and if another search is done for the same host, item, whatever else, NILAgent will kick in and pretty much say "Don't bother, it doesn't exist." Meaning you won't have to sit there and wait for it to time out again. Here's the stuff for this:

niutil -create . /locations/lookupd/agents
niutil -create . /locations/lookupd/agents/DNSAgent
niutil -create . /locations/lookupd/agents/NILAgent

Ok, now we'll add in the parameters for NILAgent first. These tell it to keep an item in its database for 1 hour, and for the agent itself to timeout after 30 seconds:

niutil -createprop . /locations/lookupd/agents/NILAgent TimeToLive 3600
niutil -createprop . /locations/lookupd/agents/NILAgent Timeout 30

Finally, we'll do the parameters for DNSAgent. This tells the agent to timeout after 15 seconds, and to retry a lookup 3 times:

niutil -createprop . /locations/lookupd/agents/DNSAgent Timeout 15
niutil -createprop . /locations/lookupd/agents/DNSAgent Retries 3


And that's that. Now do this command to restart NetInfo and lookupd:

/System/Library/SystemConfiguration/Kicker.bundle/Resources/restart-NetInfo

———————————————
Part 2 - Creating a caching-only nameserver

This next part describes how to create your own nameserver. Note that this isn't a fully-fledged nameserver, it only caches servers you connect to for a short while, it doesn't provide a DNS server for your own domain. You could do this, yes, but you would still need to apply for a domain, have a static IP number, yadda yadda yadda...and none of that is needed for this anyway. ;)


Why create your own nameserver? Well, having your own nameserver on your own machine greatly shortens the time spent on DNS lookups. Plus, you aren't one of many accessing the DNS server, you are the only one.

You won't need to install any additional software to get this working, everything needed is already installed. As with the first part, these will all be terminal commands (except for one small step), and you will need to be root/use sudo as before to edit/create these files.

First we'll edit the file /etc/named.conf. Named is the program that runs the nameserver, FYI. Enter this command, then enter the text as shown:

pico /etc/named.conf


// Config file for caching only name server

options {
    directory "/var/named";

    // Uncomment next line if you are behind a firewall of any sort
    // query-source port 53;
};

zone "." {
    type hint;
    file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
    type master;
    file "pz/127.0.0";
};


(type control-o to save it, then control-x to exit pico)

This file tells named where to find all the stuff it needs to set up the nameserver.

Next we need to create the folder named will look into to find its config files:

mkdir /var/named

Now we travel to the newly created directory and create another one:

cd /var/named
mkdir pz

Now, we need to create a file for named to use to do its DNS lookups. This is the file called root.hints. These are the root servers that supply DNS lookups to the majority of DNS servers out there. Note that you will need to maintain this file, I'll explain that after we set it up. You will need to be online to do these commands:

First type dig to get the file according to your current DNS server. See all those lines that start with some letter (i.e. A or G or M) with .ROOT-SERVERS.NET. after it? You need to query one to get the root hints file. After you pick one, do this command (replace the root server I listed with the one you choose):

dig @m.root-servers.net . ns > root.hints

This will create the root.hints file. Now, like I mentioned, you will need to maintain this file. The reason is because the root servers do change from time to time, and you will need to keep up to date with the changes. Maintaining it is just redoing the above commands to create a new root.hints file (done once a month).

Next we'll go into the pz folder we created and make a new file there. This is the file that loads in all the DNS info for you:

cd pz
pico 127.0.0



@       IN      SOA     ns.mynameserver.com. hostmaster.mynameserver.com. (
                        1       ; Serial
                        8H      ; Refresh
                        2H      ; Retry
                        1W      ; Expire
                        1D)     ; Minimum TTL
        NS      ns.mynameserver.com.
1       PTR     localhost.



(again, control-o to save it, and control-x to exit pico)

Next we need to tell OS X to use itself as the DNS server. You do this via the Network Preferences in System Preferences. Load it up, click on the TCP/IP tab, and under Domain Name Servers, type in 127.0.0.1. Then click save at the bottom and quit.

Be sure to replace anything that was already there - we don't want to use any other DNS but our own.

Now we start named. The command for this is pretty simple.

ndc start

Now, we need to do one of two things to actually get the connection to use the new name server. You can either disconnect and reconnect, or if you would rather not disconnect, edit /var/run/resolv.conf. If you wish to do the latter, do

pico /var/run/resolv.conf

nameserver 127.0.0.1

(control-o, control-x)

Be sure to replace anything else that was already in the resolv.conf.

Now you need to test it to make sure everything is working right. The easiest way is to use nslookup. Type that in, and the first two lines you should see are

Default Server: localhost
Address: 127.0.0.1

If it doesn't, then you have an error in the config files somewhere - go back and make sure they're typed in exactly as I have them.

The last thing we need to do is get named to launch at boot. You'll need named to start before you try to use your connection.

Good thing there's a (pretty) simple way - make a startup item for named.

Create a folder named Named in /Library/StartupItems (you may need to create the folder StartupItems in /Library first):

mkdir /Library/StartupItems/Named
cd /Library/StartupItems/Named

Now we create two files to start named at boot. One of the files is always named the same as the folder name - so if you create the folder with some name other than Named, then save this file as that same name. Otherwise, do this:

pico Named

#!/bin/sh

. /etc/rc.common

if [ "${DNSSERVER:=-NO-}" = "-YES-" ]; then

    ConsoleMessage "Starting named"

    /usr/sbin/ndc start
fi

(control-o, control-x)

Now type chmod +x Named to make it executable (needed!).

Now we edit the other file used for startup items - StartupParameters.plist. This one is named the same for every startup item. Here's what to put in it:

pico StartupParameters.plist

{
    Description = "caching-only nameserver";
    Provides = ("named");
    Requires = ("Disks", "Resolver", "Desktop DB", "Input Managers");
    OrderPreference = "None";
    Messages =
    {
        start = "Starting named...";
        stop = "Stopping named...";
    };
}

Now, one last little thing. Edit /etc/hostconfig, and add in this line:

DNSSERVER=-YES-

to the end of it.

kilowatt
October 4th, 2001, 02:39 PM
Wow, thanks a lot! That's pretty darn cool.

I have a few questions, though.

I'm at a university, behind a firewall, and the dns server they defaultly assign me is behind it as well, it's a 10.x.x.x host.

That internal dns server provides dns information about other subnetted hosts. In fact, if your computer's name is BigMac, your ip might resolve to BigMac.danh.uc.edu or something.

Anyway, I don't get this information anymore (Well, I added the internal dns server after 127.0.0.1 in the network control panel). Before I did that, ping BigMac.card.uc.edu would really ping it, but with just 127.0.0.1 in there it does not.

Is there anything I can do to make my personal dns server contain the information within the sub net's dns server?

Also, in the /var/named/pz/127.0.0 file, I see stuff like ns.mynameserver.com and hostmaster.mynameserver.com. Should I leave them like that, or change them (it just doesn't feel right...)

Thanks for the instructions, it was very helpful!

Darkshadow
October 4th, 2001, 07:56 PM
You can add this to the named.conf file:

add into the options { } section


forward first;
forwarders {
    DNS server #1
    DNS server #2
    ...
    DNS server #n
};


This will query the DNS servers there as well. After changing the config file, type ndc reload and it should all be fine.

Adding the DNS server to the Network Prefs does pretty much the same thing as this, so you could do whichever you were most comfortable with.

You can leave the ns.mynameserver.com and hostmaster.mynameserver.com as they are if you wish, or change them to something else. Since this is a caching-only nameserver, and not a full on DNS, it doesn't matter overmuch. If it were a full on DNS, you would need to put your actual domain name there. Personally, I use dreamstatic.org, the name I've given my localhost.

And you're welcome. I really should have posted that sooner! I've actually been running that config for a few months now :D It wasn't until the network forum opened that I thought "Hey, other people would like doing this too..."

Trip
October 5th, 2001, 07:54 AM
That was incredibly long.
But also very helpful! Thanks!

boysimple
October 5th, 2001, 01:52 PM
First off: Excellent tutorial, thank you very much. I've been having so many problems with slow DNS lookups - just what I needed.

Also - if you have an 'always on' internet connection, and want to automate the updating of root.hints, add this to the /etc/crontab file (it's 2 lines, may wrap a lil cause they are long lines):


# update DNS cache root.hints on the first of every month at noon
0 12 1 * * root dig @h.root-servers.net . ns > /var/named/root.hints


of course, replace h.root-servers.net with the name of the server that you are using.

once the file is saved cron will restart itself when it sees the newer file date.

that's it. It'll take care of itself forever now. :)

E

kilowatt
October 5th, 2001, 02:23 PM
Is the output from dig @h.root-servers.net. .ns supposed to look like this:
[user@mach4]$ dig @h.root-servers.net. .ns

; <<>> DiG 8.3 <<>> @h.root-servers.net. .ns
; (1 server found)
;; res_nmkquery: buffer too small

[user@mach4]$

That's all I get when I run it into the file (the < stuff).

Darkshadow
October 5th, 2001, 03:06 PM
boysimple - yes, that's the location of Apple's startup items. However, they wish us third party people to place startup items in /Library/StartupItems. That's why I specified that location. And I did say that you may need to create the StartupItems folder in /Library. Plus you don't need to be root to add stuff to /Library, you can do it as your regular user.

I didn't tell people to set that up as a cron job because some people out there are using modem connections still (I happen to be one of the unlucky few), and if you're not online when the cron job runs, it won't get updated. Plus people don't always have their computer running when the cron job is supposed to be run, and it would be skipped, or if they used MacJanitor, they would inadvertently be updating the root.hints file more than they need to. Which isn't a bad thing, but I try not to go for overkill. :D

Also, you don't need to restart cron after you change its config file. It checks its config file *every minute* and if the file has a modification date later than the one it last saw (a whole minute ago), it reloads the config file. You can see this for yourself by opening up the system log in the console, editing the /etc/crontab file, and waiting a minute. You'll get a message about cron reloading it.

kilowatt - You're almost there! It would be dig @h.root-servers.net. .[space]ns, not .ns. You do get that stuff when you do it this way, but you also get the servers as well. The .ns without the space was confusing dig as to what you wanted, so it wasn't giving you anything.
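
Added example, not part of the original thread: the crontab line above redirects dig straight into /var/named/root.hints, so an offline run or an answer with no servers in it (like the res_nmkquery output posted above) overwrites the working file. The script below fetches into a temporary file, checks it, and only then replaces the live file. The script path, the minimum of 10 servers and the 192.0.2.x sample addresses are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): install a new root.hints only after
# checking it. MIN_NS and the sample data below are assumptions/constructed.

MIN_NS=10   # assumed floor for the number of root servers in a usable answer

# hints_summary FILE -> prints "<root NS names> <NS names without an A record>"
hints_summary() {
    awk '
        /^;/ || NF < 5 { next }                      # dig comments, short lines
        { owner = tolower($1); rtype = toupper($4); rdata = tolower($5) }
        owner == "." && rtype == "NS" &&
            rdata ~ /^[a-m]\.root-servers\.net\.$/ { ns[rdata] = 1 }
        rtype == "A" && owner ~ /^[a-m]\.root-servers\.net\.$/ &&
            rdata ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { glue[owner] = 1 }
        END {
            n = 0; missing = 0
            for (k in ns) { n++; if (!(k in glue)) missing++ }
            print n, missing
        }
    ' "$1"
}

# validate_hints FILE [MIN] -> 0 if FILE is non-empty, lists at least MIN root
# servers, and every listed server has an address record.
validate_hints() {
    vh_file=$1; vh_min=${2:-$MIN_NS}
    [ -s "$vh_file" ] || return 1
    set -- $(hints_summary "$vh_file")
    [ "$1" -ge "$vh_min" ] && [ "$2" -eq 0 ]
}

# install_hints NEW LIVE -> replace LIVE with NEW only if NEW validates;
# otherwise discard NEW and leave LIVE untouched.
install_hints() {
    if validate_hints "$1"; then
        mv -f "$1" "$2"
    else
        rm -f "$1"
        return 1
    fi
}

# update_root_hints SERVER [LIVE] -> run the thread's dig command into a temp
# file beside LIVE (same filesystem, so mv is a rename), then install it.
update_root_hints() {
    ur_live=${2:-/var/named/root.hints}
    ur_tmp="$ur_live.new.$$"
    dig "@$1" . ns > "$ur_tmp" 2>/dev/null || { rm -f "$ur_tmp"; return 1; }
    install_hints "$ur_tmp" "$ur_live" && ndc reload
}

# Constructed sample of a complete answer; 192.0.2.x are placeholder addresses.
make_sample_good() {
    {
        echo '; <<>> DiG 8.3 <<>> @h.root-servers.net. . ns'
        i=1
        for l in A B C D E F G H I J K L M; do
            printf '.\t6D IN NS\t%s.ROOT-SERVERS.NET.\n' "$l"
            printf '%s.ROOT-SERVERS.NET.\t5w6d16h IN A\t192.0.2.%d\n' "$l" "$i"
            i=$((i + 1))
        done
    } > "$1"
}

# The answer with no servers in it that kilowatt posted earlier in the thread.
make_sample_failed() {
    cat > "$1" <<'EOF'
; <<>> DiG 8.3 <<>> @h.root-servers.net. .ns
; (1 server found)
;; res_nmkquery: buffer too small
EOF
}

# Cron usage (the script path is hypothetical):
#   0 12 1 * * root /usr/local/sbin/update-root-hints --update h.root-servers.net
if [ "${1:-}" = "--update" ] && [ -n "${2:-}" ]; then
    update_root_hints "$2"
fi
```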

boysimple
October 5th, 2001, 03:17 PM
I stand corrected. Long may the shadow wander... :)

E

beef
October 8th, 2001, 06:26 PM
First of all, thanks for the tip...

everything's working... but when I reboot, it kinda gets stuck at "Starting Directory Services". The same thing happened when I was attempting to make changes to netinfo database before, so I guess it's for the same reason...

Anyway... it got stuck there long enough for me to do the dishes...

I don't need to reboot all that much, so it's not a big problem, but it's rather annoying when you have to go back to 9 then back to X, etc...

Am I the only one experiencing this? If anyone knows the solution, let me know.

Darkshadow
October 9th, 2001, 08:30 PM
Hmm...Directory Services is what starts NetInfo and lookupd. It sounds like you may have a config problem.

Can you go to the terminal and type nidump -r / / and send me the text you get back from that? It spouts out your entire NetInfo domain. You can edit it to delete the user stuff from it - this will dump all your users, and while the passwords are encrypted, you probably don't want to send that part out.

Ya can either post it here, or PM me, or send it to me in an email (mailto:darkshadow2@mac.com). I'll take a look and see if I can figure out what may be going wrong.

~vert
October 11th, 2001, 05:17 PM
Darkshadow, Try as I might, I can't get past the "nslookup" stage. It always returns:

[localhost:/var/named/pz] root# nslookup
Default Server: localhost
Address: 0.0.0.0

I also wonder if you have a typo in the directions. At the stage where it says:

niutil createprop . /locations/lookupd/agents/NILAgent TimeToLive 3600
niutil createprop. /locations/lookupd/agents/NILAgent Timeout 30


Should the second line read "createprop[space]. /locations..."? I tried it both ways but neither solved my problem.

Since I don't know what to do next, is there any harm in leaving all the config files and folders? Do I need to clean up to make sure that things work as smoothly as possible?

Thanks for the tutorial, wish it worked on my setup!!

beef
October 11th, 2001, 06:51 PM
well... sorta typo in the instruction, I guess.. but it's long, bound to have a typo here and there...

some of the lines are missing "-" in front of the option "createprop"

Darkshadow
October 12th, 2001, 07:14 AM
Whoops...you're right, that's a typo. I'll fix it - I'll also fix those missing "-"'s.

~vert - Hmm...did you restart NetInfo after the first part, and either disconnect/reconnect or edit the /var/run/resolv.conf file? You'll need to do both of those before it will work. If those don't fix it, go back and make sure that everything is exactly right. You can view the stuff you added into NetInfo by doing this: nidump -r /locations/lookupd / - that'll print out everything that you've added. Make sure everything is right there. If it is, then go and check all the config files you made for named. Make sure it's all correctly written down.

You can also open up Console.app and type ndc reload in the terminal. You'll see named starting up. If it spouts out any errors, check out what it tells you (it should inform you what part of the config files it's choking on).

~vert
October 12th, 2001, 03:24 PM
Darkshadow - It seems that the typos were the problem, although I also found there may be one in the dig command. When I run dig I get:

C.ROOT-SERVERS.NET. ...[et al]

'SERVERS' is plural. I also found that it didn't work unless I typed the part shown above in capitals. I didn't think that would matter, but it did in my case.

Regardless, it is up and working - Thanks for your assistance! It's fun having stuff to mess with like this in a Mac. I'm beginning to become an 'aesthetic geek', to coin a phrase...

I also tried editing the crontab file, so we will see how that goes.

beef
October 12th, 2001, 03:41 PM
hmm...

I just did

dig @a.root-servers.net. ns > file1
dig @A.ROOT-SERVERS.NET. ns > file2

I don't see any difference in the files besides the query time and date.

beef
November 5th, 2001, 03:00 AM
well, it's been awhile... anyway, I recently upgraded my Powerbook to 10.1, so I decided to give this tip a try on that machine.

(Note: I had a problem with this on my desktop. It worked, but "Starting Directory Services" took a hell of a long time...)

Anyway, to make the story short, as we all know, there's nothing wrong with the instruction given here, and it worked without a problem on my PB.

I wondered what the difference between my PB and DT is, and well, basically, I've made modifications to Netinfo on my DT system.

I had added some info under "machines", and although it was working, it seems that I did it in a wrong manner, and that didn't go well with the changes I made following this tip.

So I removed all the changes I made, then tried this again, and now it works great on both machines.

Looks like I need to spend more time reading about Netinfo...

zootbobbalu
November 11th, 2001, 05:26 PM
After following this trick to speed up DNS lookups, none of my Classic apps can see my internet connection.

Anyone else having this problem?

zootbobbalu
November 11th, 2001, 06:18 PM
Setting up OS X to be a DNS might disable Classic mode's ability to connect to the internet. Since I didn't do much internet stuff in Classic mode, this didn't bother me until I wanted to use AIM again. AIM and Netscape in Classic mode wouldn't connect to the internet. This drove me crazy for about an hour. Apple helped me figure out that all my settings were ok, but still no solution. I remembered that the last thing I tinkered with related to my internet settings was speeding up my DNS lookups with the tip posted here. The only thing that Classic mode doesn't like about this hack is adding your own computer as a DNS (127.0.0.1) in the network settings in the system preferences panel. All I had to do to get Classic mode's ability to connect to the internet was remove my computer as a DNS and relaunch Classic. If anyone knows how I can keep my computer as a DNS in OS X and keep Classic happy, please let me know.......

macxtra
November 12th, 2001, 04:29 AM
beef
Dinner
I experience the same delay in starting up "beef" talked about ->


> everything's working... but when I reboot, it kinda gets stuck at "Starting
> Directory Services". The same thing happened when I was attempting to
> make changes to netinfo database before, so I guess it's for the same
> reason...

> Anyway... it got stuck there long enough for me to do the dishes...

> I don't need to reboot all that much, so it's not a big problem, but it's rather
> annoying when you have to go back to 9 then back to X, etc...

> Am I the only one experiencing this? If anyone knows the solution, let me
> know.

any explains ....

beef
November 13th, 2001, 07:29 AM
umm... you can read the post I've made sometime ago... I haven't discovered anything new.

prophet6
November 13th, 2001, 08:51 PM
I had the same problem. removing the host entries I made in Netinfo fixed the problem. Then you add a FFAgent to your lookupd list, and go back to using /etc/hosts.

Works like a charm now...

kilowatt
December 20th, 2001, 12:47 AM
I noticed today (because I rebooted, which I seldom do) that when NetworkTime was starting up, it took FOREVER. So I rebooted with apple-v (verbose mode) and NetworkTime gave some message about failing to resolve time.apple.com. After that happened, a few more things loaded, then the caching dns loaded. So looks like our dns server should start before any service that uses it, right?

Well, inside the StartupParameters, it says it requires Disks, Resolver, Desktop DB, and Input Manager.


So why does the DNS server require the Resolver? Don't programs ask the Resolver to resolve hosts, and the resolver looks them up with the dns server? How can we make the dns server start up *before* anything requiring the resolver?


Also, I keep getting these entries in my console log (and on boot up in verbose mode):
Dec 20 01:22:18 mach4 lookupd[201]: DNSAgent: dns_fqdn_query_server - query failed for 127.0.0.1
Dec 20 01:22:28 mach4 lookupd[201]: DNSAgent: dns_send_query_server - timeout for 127.0.0.1
Dec 20 01:22:48 mach4 last message repeated 2 times
Dec 20 01:22:48 mach4 lookupd[201]: DNSAgent: dns_fqdn_query_server - query failed for 127.0.0.1
Dec 20 01:23:02 mach4 lookupd[201]: DNSAgent: dns_send_query_server - timeout for 127.0.0.1

This is all in my console.app file, but it's really in /var/logs/netinfo.log

Any ideas?
Oh, and typing dig 127.0.0.1 in the terminal works fine...

genghiscohen
January 17th, 2002, 01:42 PM
Darkshadow,
I have downloaded a program called Lookup Manager, that sounds like it does some of the steps in your tutorial. Have you checked LM out at all?
At work right now (on a Dell POS running WinNT) so I can't double-check, but IIRC, it will let you add a FFAgent but doesn't include a NILAgent.
Anyhow, if I feel energetic this evening, I'll give your full set of instructions a try.
:)

meech
January 18th, 2002, 06:21 PM
prophet6: How did you remove those host entries? I'm kinda stuck in single user mode... Can I remove them from there?

Regards, meech

beef
January 18th, 2002, 11:37 PM
now, the easiest way is obviously using NetInfo...

I dunno why you're stuck in single user mode. If you're stuck at "starting Directory Service" then you can wait about... dunno how long.... 10 mins? and it'll eventually give up.

if you insist on doing it from single user mode...well, I haven't done this before, so I'm not sure, but I think the command will be

niutil -destroy . /machines/whatever

you can first do

niutil -list . /machines
to see if the entries you made are there.

but I'm no expert in this, I suggest you check "niutil" command and its options...and maybe wait for someone with more knowledge to respond.

now, I dunno what you did, but if you made entries for machines on your LAN, don't put "./local" under "serves". I've heard a lot of people have just copied the "localhost" and changed the ip and the name for it. I think the correct entry would be "../network"

well, I'm just guessing. good luck anyway...

meech
January 19th, 2002, 06:12 AM
As you guessed, I'm only "stuck in single user mode" as the machine wouldn't boot past "Starting Directory Services". Think I'll just wait those 10 mins and remove the entries via NetInfo instead, then...

thnx, meech

meech
January 20th, 2002, 06:57 AM
Ok, so it's working now. But I can't say I'm any wiser as to what caused the delay at "starting directory services" in the first place? I went over my settings again and again, looking for errors, but couldn't find any. Any ideas?

Regards, meech

beef
January 20th, 2002, 03:18 PM
well...
what other changes did you make in netinfo?

if you've done nothing other than the tip from this thread... then my guess is you got some typo... in that case, I'll just delete everything you changed and do it again...

that's prolly easier than looking for one typo.

jnuneznyc
January 30th, 2002, 11:22 PM
Thanks... NOTE: Don't do this in the wee hours of the morning.... I did and I paid.

attackwolf
February 15th, 2002, 05:39 PM
I was wondering where you found out about NetInfo and using it to cache DNS entries. I'd really like to learn more about NetInfo and how it compares to traditional linux and unix tools.
Thanks,
Chris

dragonn
February 20th, 2002, 05:48 PM
I tried what you have above, all worked great to the 'Dig' command. I got the requisite information from MY DIG command, but when I try
sudo dig @a.root-servers.net ns >root.hints
It gives me a 'root.hints: Permission denied.' error.
Since I am a newbie, what am I doing wrong? I went on and created the 127 file and stopped after that so I don't lose my place.
any help would be appreciated.:D
if you wish to email me directly, my email is
mprewitt@prewitt.com
thanks
Mark

scaryfish
May 28th, 2002, 10:13 PM
Yeah, I had that problem too - it seems sudo won't cut it, you have to be root. Do sudo su and try again.

But I get a different problem - when I try the dig @ command I always get request timed out. I'm behind a firewall - would that be the problem?

Thanks.

cidion
June 16th, 2002, 08:41 AM
Thanks for the time and effort put into making this tutorial.

just as another FYI... after you change the settings (DNS server to 127.0.0.1) in the control panel, and you hit "apply now" well it disconnects your current internet connection.

It took me about 72 minutes to realize that was the reason why [nslookup] didn't work.

It's working fine now, but in the future (or if I try this for someone else) and I want to "undo" what I just did, what should I do?

thanks!

cidion

egilDOTnet
July 10th, 2002, 02:45 PM
Originally posted by Darkshadow
You can add this to the named.conf file:

add into the options { } section


forward first;
forwarders {
    DNS server #1
    DNS server #2
    ...
    DNS server #n
};



This is almost correct - it's just that every DNS server in the listing above needs to be separated with a semicolon, even if you just use one forwarder. I fought with this for quite some time before I saw the error. :)

Thanks for an otherwise very good walkthrough.

neo36
July 12th, 2002, 03:50 AM
when i try to start named using the command "ndc start" i get the following error:

>>
opensocket_f: bind([0.0.0.0].53): Address already in use
ndc: error: could not start new name server (/usr/sbin/named)
>>

i tried use "ndc stop":

>>
ndc: error: ctl_client: evConnect(fd 3): Connection refused
ndc: error: cannot connect to command channel (/var/run/ndc)
>>

when i try to "ndc restart":

>>
ndc: error: name server was not running (warning only)
opensocket_f: bind([0.0.0.0].53): Address already in use
ndc: error: could not start new name server (/usr/sbin/named)
>>

any ideas what could be wrong? i've followed the instructions step by step...


thx in advance!

egilDOTnet
July 12th, 2002, 04:00 AM
I am certainly no expert on this, but it looks to me as if some other service is using port 53, so that bind cannot take claim of it...

physicsGuy
July 30th, 2002, 02:13 AM
neo36: I'm going by memory, but I think there was a line involving port 53 in a config file mentioned in the original instructions, that you were supposed to uncomment if you are behind a firewall. Are you behind a firewall?

neo36
July 30th, 2002, 06:01 AM
yup, i am behind a firewall, but i did uncomment that line, too....

scaryfish
August 26th, 2002, 01:05 AM
Anyone know if anything in this hint needs to be changed for 10.2? Does Jaguar make it easier (or harder) to set up a name server?

(I read on macosxhints that there's a spelling error in the BIND file where it says DNSSSERVER instead of DNSSERVER)

foodkid
September 3rd, 2002, 04:27 AM
Hi there,

I'm a total newbie at this Unix stuff, so bear with me if my brain is on the wrong way around.

I've followed all the instructions, and everything seems to be working OK, in that my internet connection is fine. However, when I type nslookup into terminal now I get the following...

*** Can't find server name for address 10.0.1.1: Non-existent host/domain
*** Default servers are not available

Is this something I should worry about?! If it is, can I fix it?!

ta.

Ed.

hgreenfi
September 5th, 2002, 08:36 PM
Everything is working well, but I can't get Named to start at boot. Once I start I can launch a terminal and run /Library/StartupItems/Named/Named
and it is fine. Added some debug stuff into Named/Named and it seems as though the script never gets executed. Any thoughts on why this might be?

Thanks!

scaryfish
September 19th, 2002, 08:00 PM
Are you using Jag?

Under 10.2, they've made the DNS server already pretty much all set up for you. Just edit /etc/hostconfig to say
DNSSERVER=-YES-
and that's pretty much it.

Oh yeah, there's one other thing - You need to edit /System/Library/StartupItems/Named/Named and change the bit that says DNSSSERVER to DNSSERVER (note the extra 'S')
...somebody forgot to spellcheck...

Then just reboot and it should work. Also, a lot of the stuff this hint says is already done by apple - the /var/named stuff is already set up (even got a hints file already for you).

gatorparrots
December 6th, 2002, 01:52 AM
Okay; now that we have the basics down, I have a real-world application. Our network is behind a firewall/router that does not allow loopbacks. Therefore, changing the lookup order and adding machines entries to NetInfo to get local domain name resolution is the preferred method for adding entries to access our domain named e-mail server. This works fine for desktop machines within the confines of a LAN.

However, I have a laptop user to contend with who is not always on the network. He often travels and dials-up on the road. NetInfo 'machines' entries will trump his DNS resolution, making our server inaccessible to him.

The ideal solution(?) is to have the user switch lookup orders for when they are on the road and back when they are behind the network. I elected to create an AppleScript to do the job and install the Script Menu in the user's menubar to make the script easily accessible.

Overall, it seemed like the most efficient way to accomplish the goal. For those interested, here is the script in its entirety. I have also attached it to this post as a compiled AppleScript.

(*
This script will optimize your lookup order for a LAN internet connection or dial-up
*)

set runresult to ""

tell me to activate
display dialog "Please choose your connection method to optimize your internet connection" buttons {"LAN", "Dial-up"} default button 2
set userchoice to button returned of result
if userchoice = "LAN" then
    set myReply to (display dialog "Please enter your Administrator password" default answer "" giving up after 60)
    set myPassword to (text returned of myReply)
    if myPassword is not "" then
        try
            --LAN optimized
            do shell script "sudo /usr/bin/niutil -create / /locations/lookupd/hosts" password myPassword with administrator privileges
            do shell script "sudo /usr/bin/niutil -createprop / /locations/lookupd/hosts LookupOrder CacheAgent NIAgent DNSAgent" password myPassword with administrator privileges
            do shell script "sudo /bin/kill -USR1 `/bin/cat /var/run/lookupd.pid`" password myPassword with administrator privileges
            set runresult to "Network settings optimized for LAN connection" & return
        on error errormsj
            display dialog errormsj as string
            set runresult to runresult & "Settings change failed: " & errormsj & return
            --return adds ASCII13 to the output
        end try
    end if

    tell me to activate
    display dialog (runresult as string) buttons {"Ok"}

else if userchoice = "Dial-up" then
    set myReply to (display dialog "Please enter your Administrator password" default answer "" giving up after 60)
    set myPassword to (text returned of myReply)
    if myPassword is not "" then
        try
            --Dial-up optimized
            do shell script "/usr/bin/niutil -create / /locations/lookupd/hosts" password myPassword with administrator privileges
            do shell script "/usr/bin/niutil -createprop / /locations/lookupd/hosts LookupOrder CacheAgent DNSAgent NIAgent" password myPassword with administrator privileges
            do shell script "/bin/kill -USR1 `/bin/cat /var/run/lookupd.pid`" password myPassword with administrator privileges

            --display progress
            set runresult to "Settings optimized for dial-up connection"
        on error errormsj
            display dialog errormsj as string
            set runresult to errormsj
        end try
    end if
    tell me to activate
    display dialog ("Network Configuration:" & return & runresult) as string buttons {"Ok"}

end if

RS2_Russ
January 4th, 2003, 04:15 AM
Hi DarkShadow.
All worked fine thanks, but now ADGate (ad server blocker - very good) does nothing, so web now slower on the whole:(
Can the two work together? If not, how do I (sadly) uninstall this mod?