first /etc/hosts, then nameserver

Kevin Darcy kcd at daimlerchrysler.com
Tue May 8 21:49:39 UTC 2001


Chip Old wrote:

> On Tue, 8 May 2001, felix wrote:
>
> > I want my Solaris box to look up name queries (that machine has no local
> > DNS server) first in /etc/hosts, then send the query to each nameserver
> > in /etc/resolv.conf, but how to??
>
> In /etc/nsswitch.conf look for the line beginning with "hosts".  It should
> look something like this:
>
> hosts:      files dns
>
> /etc/nsswitch.conf determines the order in which the different name
> services available to the machine will be tried.  The example above causes
> hosts to be looked up in /etc/inet/hosts first.  If not found there, they
> are looked up in DNS.
>
> If you also use NIS, then that needs to be included as well:
>
> hosts:      files nis dns
>
> Just list the available name services in the desired search order.
> The example above means /etc/inet/hosts will be tried first, then NIS,
> then DNS.
>
> By the way, it's not a good idea to list DNS *before* the hosts file, like
> this:
>
> hosts:      dns files
>
> In that configuration, if for some reason DNS isn't available, it can
> cause your Solaris box to fail at boot (or at least take a LONG time to
> boot) because it can't discover its own name unless/until the search fails
> over to the hosts file.  Always list "files" first, and make sure the
> machine's name and address are in /etc/inet/hosts.  This may seem like a
> silly unnecessary warning, but I've had to deal with the consequences a
> number of times when a local admin has put "files" after "dns" (or even
> deleted "files") in /etc/inet/hosts.

I disagree with this recommendation. A lot of cruft gets into our /etc/hosts
files, mostly because the only people putting stuff there are clueless anyway
(because anything of importance is already in DNS). I've had numerous
problems with stale /etc/hosts entries "hiding" valid DNS entries. Therefore,
our standard is "hosts: dns files" (or the equivalent nameservice order on
other platforms).

As for the potential bootup delay, all of our Unix boxes run local caching
nameservers, so there's very little chance of DNS being completely
unavailable. And if the box is that hosed that it can't even start its own
local caching nameserver, then it's got bigger problems than just a bootup
delay...


- Kevin
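
An added example, not part of the original thread: one way to find hosts-file entries that disagree with DNS, and to report what the "hosts:" order in nsswitch.conf does with each disagreement. The function names, the sample hosts file and the sample DNS data are constructed for illustration, and the DNS lookup is passed in as a callable so the block runs offline.

```python
import ipaddress
import re

def lookup_order(nsswitch_text):
    """Sources on the 'hosts:' line, in order, with [STATUS=action] items dropped."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return re.sub(r"\[.*?\]", " ", line[len("hosts:"):]).split()
    return []

def parse_hosts(hosts_text):
    """Map every name and alias in a hosts file to the set of addresses given for it."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))  # normalise the spelling
        except ValueError:
            continue  # not an address line
        for name in fields[1:]:
            table.setdefault(name.lower(), set()).add(addr)
    return table

def audit(nsswitch_text, hosts_text, dns_lookup):
    """List hosts-file names whose addresses differ from what DNS returns.

    dns_lookup(name) -> set of address strings. It must query DNS directly
    (a resolver library or dig); getaddrinfo() follows nsswitch.conf itself
    and would read the hosts file being audited.
    """
    order = lookup_order(nsswitch_text)
    files_first = "files" in order and (
        "dns" not in order or order.index("files") < order.index("dns"))
    findings = []
    for name, local in sorted(parse_hosts(hosts_text).items()):
        remote = set(dns_lookup(name))
        if remote and remote != local:  # names DNS does not know are not conflicts
            effect = "hosts entry hides DNS" if files_first else "DNS answer wins"
            findings.append((name, sorted(local), sorted(remote), effect))
    return findings

# Constructed sample data (documentation addresses, hypothetical names).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
192.0.2.10  thisbox.example.com thisbox   # own name, agrees with DNS
192.0.2.55  mail.example.com mail         # stale: DNS now says .77
"""
SAMPLE_DNS = {"thisbox.example.com": {"192.0.2.10"}, "mail.example.com": {"192.0.2.77"}}
```

Entries that only name the machine itself and agree with DNS produce no finding under either order.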