[TriLUG] Reverse Lookup Using /etc/hosts

Tanner Lovelace clubjuggler at gmail.com
Thu Apr 26 14:28:23 EDT 2007


On 4/26/07, Joseph Mack NA3T <jmack at wm7d.net> wrote:
> On Thu, 26 Apr 2007, Tanner Lovelace wrote:
>
> > On 4/25/07, Joseph Mack NA3T <jmack at wm7d.net> wrote:
> >> On Wed, 25 Apr 2007, Alexei Znamensky wrote:
> >>
> >> > Tarus,
> >> >
> >> > nslookup/host works exclusively with DNS, it doesn't follow the system's
> >> > resolver order (read /etc/nsswitch.conf or host.conf).
> >>
> >> there is no resolver facility in Linux which applications
> >> ask for name resolution. Applications do what they want and
> >> can ignore files in /etc
> >
> > Not true.
>
> The original poster is not getting name resolution.

Which "original poster" are you referring to?  If you are
referring to Tarus, he was using nslookup, which is
specifically a DNS testing tool, to do the lookup.
His actual application, however, is a java program
using the java equivalent to gethostbyname, which *does*
follow the linux nsswitch.conf resolving setup.

> Applications that access disks don't do it directly, they
> don't have special code for the various types of disks, they
> ask the disk access facility to do it for them.
>
> The original poster has an application that accesses DNS
> directly, which it has no business doing. I ran into the

Not true.  He was using nslookup which is a tool that
previously came with the name server (and is now
deprecated in favor of dig, which is also a dns testing
tool).  The test program he was using was written specifically
to test DNS resolution and therefore it is perfectly valid
that it not check local files.

His actual application, however, was something different.

> same problem with Postfix - it only uses DNS. If the

Postfix is a mail transport agent and therefore by design
does not lookup A records.  Instead it looks up MX records.
Note that /etc/hosts does not contain MX records, so it
is therefore appropriate that postfix not look there.  However,
it is possible to make postfix look for both A records and
use /etc/hosts.  This postfix config line will make postfix
use /etc/hosts:

disable_dns_lookups = yes

For more information about this see this URL:

http://www.postfix-jp.info/origdocs/QandA-en.html#4.10

> application had to ask a name resolution facility for
> resolution, then the name resolution facility would get the
> info from wherever (DNS, /etc/hosts) and return it to the
> application. The application would not know, or have any way
> of knowing where the information came from.

But, see, you have to take the context of what the application
is looking for.  The /etc/hosts file only provides names and
IP addresses.  Postfix, by default, isn't looking for that.  It's
looking for MX records.  The programs nslookup, dig, and host
are all tools written to test and debug the DNS system.  It
would be wrong for them to look in /etc/hosts, since it is
not part of the DNS system.  For most applications, though,
that only look for IP addresses (A records) or hostnames (PTR
records), looking in /etc/hosts is appropriate, and in fact,
this is what the gethostbyname and gethostbyipaddr system
calls do.  The problem here, I believe, is that you have constructed
invalid test cases.

> I don't have the original post (can't find the mailing list
> archives), but applications and sysadmins should have tools
> other than DNS debugging tools for name resolution.

I believe this is the original post:

http://www.trilug.org/pipermail/trilug/Week-of-Mon-20070423/048291.html

I agree that there should be tools other than DNS debugging
tools.  Kevin suggested probably the best one:

% getent hosts {hostname}

This will correctly use the linux name resolving functions and
follow what has been set up in nsswitch.conf.

Cheers,
Tanner
-- 
Tanner Lovelace
clubjuggler at gmail dot com
http://wtl.wayfarer.org/
(fieldless) In fess two roundels in pale, a billet fesswise and an
increscent, all sable.



More information about the TriLUG mailing list