Solved

RHEL name resolution

Posted on 2011-09-19
Last Modified: 2012-05-12
Hi,

How do I force a RHEL server to always use the local host file before attempting to send the request to a DNS server?

Thanks
0
Question by:Elemental12
22 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36561826
Should be that way by default, but if not then change the 'hosts' line in /etc/nsswitch.conf

hosts:    files dns
0
 

Author Comment

by:Elemental12
ID: 36561933
yup, checked that already, and the file shows:

hosts:      files dns

but for some reason, when I do an nslookup, even if I know the name is wrong, it checks the DNS servers.  For one particular host name, I need it to check the local hosts file, as I do not want it to exist on my DNS servers.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 36561988
NsLookup is a debugging tool, it doesn't use the client resolver (whether that's RHEL or any other OS), it queries DNS directly and only.

If you want to test the client, use Ping, or telnet, or something else that relies on the computer to do name resolution.

Chris
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36562011
nslookup doesn't honor the hosts file, use ping or telnet to test instead.
0
 
LVL 17

Expert Comment

by:Spartan_1337
ID: 36562055
Do you have Bind installed?
This would work to help resolve names locally.

http://www.experts-exchange.com/Networking/Linux_Networking/Q_26812340.html?sfQueryTermInfo=1+10+30+kennyhenao
0
 

Author Comment

by:Elemental12
ID: 36562397
Ahhh, thank you all for telling me that.  How do I go about testing reverse name lookup via an application?  Pinging by IP just pings by IP; it does not give me the host name.
0
 

Author Comment

by:Elemental12
ID: 36562538
I found ping -a for windows ... just looking for the RHEL equivalent
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36562592
Are you asking just how to do a reverse DNS lookup in Linux?

dig -x ip.address
host ip.address
nslookup ip.address

0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36562603
dig is part of the bind-utils package, so you probably don't have it installed by default, but I recommend it above the other 2 options when possible.
0
 

Author Comment

by:Elemental12
ID: 36562657
Well, I need a way to do a reverse DNS lookup to prove that this server is using the host file first, and DNS second.  I need to use something that honors the host file, as stated above.  Nslookup does not look at the host file as stated above.  I need to prove that this server is using the host file first, and the DNS server second.  How can I prove this?  I have a fake DNS record in my local host file, but when I try to nslookup that fake DNS record, it tries to go to the DNS server to resolve it.  I don't want that.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 250 total points
ID: 36563028
Is there a specific reason you need to fake the IP as well as the hostname?  I think some of the confusion on this thread from the experts' side is that we don't know exactly why you are trying to do this.

All you can "prove" with any of this testing is whether a certain application (ping, nslookup, host) honors /etc/hosts.  Proving that everything on the server is using it, that would be a pain and probably not worth the time.

If you need to fake both forward and reverse lookups to make sure that every single query for a specific hostname/ip gets the fake results, no matter what sends the query, then you need to set up a DNS server with fake zones for any host/ip you want to modify.

0

Author Comment

by:Elemental12
ID: 36563063
Yes, I am adding a host to the local host file because I do not want to create an entire DNS server or zone for just one host.

Yes, all I want to prove is that if I put in an IP address in my local hosts file, any name resolution will respect what is in the host file first, and DNS second.  So for example if my host file has

172.16.1.1      fake1.domain.com

but DNS server has 172.16.1.1 as real1.domain.com, when the server goes to 172.16.1.1, I want it to believe the name that belongs to that IP is fake1.domain.com
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 36563124
Both forward and reverse (should) load into the client cache from hosts by default, you might try enabling debugging with nscd (perhaps). Not a Unix / Linux expert so I don't have a reasonable suggestion beyond that.

Chris
0
 

Author Comment

by:Elemental12
ID: 36563202
I was thinking of restarting nscd, which would clear cache, but higher-ups were not happy with that idea.
0
 
LVL 17

Expert Comment

by:Spartan_1337
ID: 36563206
Linux doesn't work that way with DNS.
You can't use HOST file for name resolution.
You will have to set up DNS for what you are asking for.
0
 

Author Comment

by:Elemental12
ID: 36567505
Linux does not use host files?
0
 
LVL 17

Expert Comment

by:Spartan_1337
ID: 36567583
Yes, Linux does use host files but for what you are trying to do it will not work.
You cannot "trick" the OS into resolving a local name with a HOST entry.
You will need to set up DNS for this purpose.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 36567645
Um, why not?

It's a name, it doesn't need a Hosts file entry and a DNS entry, it's not a trick, it's a legitimate name resolution technique.

Chris
0
 

Author Comment

by:Elemental12
ID: 36575262
Yes, the word "trick" is a bad word I am using ...

I have been able, in Windows anyway, to put in different names for the same IP and when that server goes to any of those different names, the requests are sent to the same IP.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36575312
You can't prove that everything on the system that needs DNS resolution is going to honor the hosts file.  The way to do this is by serving up the fake zone file, but even then you may have an app using a built-in resolver that you can't control.

Making fake entries in /etc/hosts is generally used only temporarily and for testing/troubleshooting purposes.  Anything more than that should be done through DNS.
0
 
LVL 70

Accepted Solution

by:Chris Dent
Chris Dent earned 250 total points
ID: 36575654
I still think it's situational, and hosts is an entirely legitimate mechanism (for far more than testing). But it's very true to say (as Papertrip has) that if an application has its own resolver, and that's what you're trying to tweak, no amount of messing with hosts will help.

Chris
0
 

Author Closing Comment

by:Elemental12
ID: 36814801
We found out it was a coding issue after all that was deciding the host name to IP, regardless of what I did in the host file.  I decided to split the points equally though due to the effort from both of you, and the accuracy of your answers.  Thank you very much.
0
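One way to run the check discussed in this thread, as an added example that is not part of the original posts: `getent hosts` resolves through the NSS sources listed in /etc/nsswitch.conf, unlike nslookup, dig and host, which query DNS directly. The function names and the optional `HOSTS_FILE` variable are hypothetical helpers.

```shell
#!/bin/sh
# Hypothetical helpers (not from the thread); file paths are parameters.

# Print the sources on the "hosts:" line, in order, skipping [ACTION] items.
hosts_order() {
    awk '$1 == "hosts:" {
        sub(/#.*/, "")
        out = ""
        for (i = 2; i <= NF; i++)
            if ($i !~ /^\[/) out = out (out == "" ? "" : " ") $i
        print out; exit
    }' "$1"
}

# Succeed only if "files" is reached before "dns".
files_before_dns() {
    for src in $(hosts_order "$1"); do
        case $src in
            files) return 0 ;;
            dns)   return 1 ;;
        esac
    done
    return 1
}

# Answer of the "files" source for a name or IP: first matching line wins.
hosts_lookup() {
    awk -v key="$2" 'BEGIN { key = tolower(key) }
    { sub(/#.*/, "") }
    NF >= 2 {
        hit = (tolower($1) == key)
        for (i = 2; i <= NF && !hit; i++) hit = (tolower($i) == key)
        if (hit) { print $1, $2; exit }
    }' "$1"
}

# Compare the system resolver (getent goes through NSS) with the hosts file.
verify_resolution() {
    expected=$(hosts_lookup "${HOSTS_FILE:-/etc/hosts}" "$1")
    actual=$(getent hosts "$1" | awk 'NR == 1 { print $1, $2 }')
    if [ -n "$expected" ] && [ "$expected" = "$actual" ]; then
        echo "OK   $1 -> $actual"
    else
        echo "DIFF $1: hosts file='$expected' resolver='$actual'"; return 1
    fi
}

# Live check only when keys are given, e.g.: sh check.sh 172.16.1.1 fake1.domain.com
for key in "$@"; do verify_resolution "$key" || true; done
```

A DIFF for a key that is present in the hosts file means something other than the `files` source answered first, for example a different source order or a cached nscd entry.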
