host versus nslookup

Fajar A. Nugraha work at fajar.net
Thu Oct 13 07:24:06 UTC 2011 

On Thu, Oct 13, 2011 at 1:05 PM, listmail <listmail at entertech.com> wrote:
> On Thu, 13 Oct 2011 03:33:30 +0700, Fajar A. Nugraha wrote
>> If you're concern about what address programs gets when they resolve
>> host names, then getent is a better choice as it also respects
>> nsswitch.conf and hosts file.
>>
> According to the (almost useless) manpage for getent,

Yes, it can be improved :)

> all it does is lookups
> in local files, not name resolution.
>
> I can see how this would be useful if you were not using DNS, but....????
>

If your purpose is to diagnose "can the DNS server used as resolver
for my server resolve a particular FQDN", then either host or nslookup
will usually suffice, with "dig" giving more detailed output.

However, if your concern is "can my program find the IP address for a
particular FQDN", then getent will give more accurate info as it also
takes into consideration the content of nsswitch.conf and the sources
listed on that file. So getent might search for local files, DNS, NIS,
or whatever source listed for "hosts" database in nsswitch.conf.

> What am I missing here?

>From the man page:

"
The getent program gathers entries from the specified administrative
database using the specified search keys.  Where database is
       one of passwd, group, hosts, services, protocols, or networks.
"

In this particular case we're only interested in hosts.

I found more detailed explanation in a Solaris reference, which
basically say getent asks the database source in order specified in
/etc/nsswitch.conf. So for example if your /etc/nsswitch.conf has
something like this:

hosts:          files dns

and your /etc/hosts has this entry

111.90.255.252  archive.ubuntu.com

then getent and host will give different results for
archive.ubuntu.com, since getent will search /etc/hosts first.


$ host archive.ubuntu.com
archive.ubuntu.com has address 91.189.92.180
archive.ubuntu.com has address 91.189.92.181
archive.ubuntu.com has address 91.189.92.182
archive.ubuntu.com has address 91.189.92.183
archive.ubuntu.com has address 91.189.92.184
archive.ubuntu.com has address 91.189.92.188
archive.ubuntu.com has address 91.189.92.190
archive.ubuntu.com has address 91.189.92.169
archive.ubuntu.com has address 91.189.92.170
archive.ubuntu.com has address 91.189.92.171
archive.ubuntu.com has address 91.189.92.176
archive.ubuntu.com has address 91.189.92.177
archive.ubuntu.com has address 91.189.92.179

$ getent hosts archive.ubuntu.com
111.90.255.252  archive.ubuntu.com


on the other hand both will give same result for google.com (which is
not in /etc/hosts)


www.google.com is an alias for www.l.google.com.
www.l.google.com has address 209.85.175.99
www.l.google.com has address 209.85.175.104
www.l.google.com has address 209.85.175.105
www.l.google.com has address 209.85.175.103
www.l.google.com has address 209.85.175.106
www.l.google.com has address 209.85.175.147

$ getent hosts www.google.com
209.85.175.99   www.l.google.com www.google.com
209.85.175.104  www.l.google.com www.google.com
209.85.175.105  www.l.google.com www.google.com
209.85.175.103  www.l.google.com www.google.com
209.85.175.106  www.l.google.com www.google.com
209.85.175.147  www.l.google.com www.google.com

-- 
Fajar

More information about the bind-users mailing list