first /etc/hosts, then nameserver

[Chip Old]

On Tue, 8 May 2001, Kevin Darcy wrote:

> I disagree with this recommendation. A lot of cruft gets into our
> /etc/hosts files, mostly because the only people putting stuff there
> are clueless anyway (because anything of importance is already in
> DNS). I've had numerous problems with stale /etc/hosts entries
> "hiding" valid DNS entries. Therefore, our standard is "hosts: dns
> files" (or the equivalent nameservice order on other platforms).

It depends on local conditions.  If you can't control the contents
of the hosts files on the UNIX boxes in your domain, then I agree you're
better off to list "dns" before "files" in nsswitch.conf.  Your hosts
files are for all intents and purposes useless.  But in a normal
environment (at least what I think of as "normal") the contents of the
hosts files is more closely controlled, containing only the name and
address of the local machine plus any other machines that *must* be
accessible if for some reason DNS fails.  In that environment it makes
more sense to list "hosts"  before "dns".

> As for the potential bootup delay, all of our Unix boxes run local
> caching nameservers, so there's very little chance of DNS being
> completely unavailable. And if the box is that hosed that it can't
> even start its own local caching nameserver, then it's got bigger
> problems than just a bootup delay...

Agreed it has big problems, but if a Solaris box that refuses to boot
because it can't figure out its own name, then it becomes a *REALLY* big
problem.  If you can keep close control of the contents of your hosts
files so they don't fill up with junk, then listing "files" before "dns"
is a good precaution.

-- 
Chip Old (Francis E. Old)               E-Mail:  fold at bcpl.net
Manager, BCPL Network Services          Voice:   410-887-6180
Manager, BCPL.NET Internet Services     FAX:     410-887-2091
320 York Road
Towson, Maryland 21204-5179 U.S.A.