Is there any point to full host names in /etc/hosts ?
This is a discussion on Is there any point to full host names in /etc/hosts ? within the Linux Networking forums, part of the Linux Forums category; This is the situation: a friend and I both use a broadband router with a few machines behind them, at ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-02-2007
|
|||
|
|||
Is there any point to full host names in /etc/hosts ?
This is the situation: a friend and I both use a broadband router with a few
machines behind them, at our respective homes. We each picked a name for our 'domain'. His is fictional. Mine also exists on the net, but with only the www and ftp of rikishi42.net defined in the DNS, not my home machines. He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he visits and connects it to my LAN. This would be a sample from that file: # Home net 192.168.108.101 desktop.myDomain desktop 192.168.108.124 laptop.myDomain laptop 192.168.108.101 server.myDomain server #Rikishi's net 192.168.8.142 gramps.rikishi42.net gramps 192.168.8.181 pigmy.rikishi42.net pigmy We've allways used this, works just fine. When connectiong to my machines, he's allways used the short (host only) name. Last time, he accidentally tried with the full name. It failed. My guess is that, upon finding that rikishi42.net exists, there is an attempt to get the address from the DNS, skipping hosts all together. But do I presume correctly, or is there more to it? -- There is an art, it says, or rather, a knack to flying. The knack lies in learning how to throw yourself at the ground and miss. Douglas Adams 
|
|
11-02-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
On Fri, 2 Nov 2007 12:44:11 +0100, Rikishi 42 <skunkworks@rikishi42.net> wrote:
| This is the situation: a friend and I both use a broadband router with a few | machines behind them, at our respective homes. We each picked a name for our | 'domain'. His is fictional. Mine also exists on the net, but with only the | www and ftp of rikishi42.net defined in the DNS, not my home machines. | | He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he | visits and connects it to my LAN. | | This would be a sample from that file: | | # Home net | 192.168.108.101 desktop.myDomain desktop | 192.168.108.124 laptop.myDomain laptop | 192.168.108.101 server.myDomain server | #Rikishi's net | 192.168.8.142 gramps.rikishi42.net gramps | 192.168.8.181 pigmy.rikishi42.net pigmy | | | We've allways used this, works just fine. | When connectiong to my machines, he's allways used the short (host only) | name. Last time, he accidentally tried with the full name. It failed. | | | My guess is that, upon finding that rikishi42.net exists, there is an | attempt to get the address from the DNS, skipping hosts all together. | | But do I presume correctly, or is there more to it? /etc/nsswitch.conf determines whether DNS or /etc/hosts is checked first, and whether the other is checked at all. Sounds like your friend might have DNS first. The second choice is generally only checked if the first fails (i.e DNS is unreachable). If DNS returns a "host does not exist" error, that does not trigger a fall back to /etc/hosts. -- Reverend Paul Colquhoun, ULC. http://andor.dropbear.id.au/~paulcol Asking for technical help in newsgroups? Read this first: http://catb.org/~esr/faqs/smart-questions.html#intro
|
|
11-02-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 ,--- Rikishi 42 writes: | This is the situation: a friend and I both use a broadband router with a few | machines behind them, at our respective homes. We each picked a name for our | 'domain'. His is fictional. Mine also exists on the net, but with only the | www and ftp of rikishi42.net defined in the DNS, not my home machines. | He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he | visits and connects it to my LAN. | This would be a sample from that file: | # Home net | 192.168.108.101 desktop.myDomain desktop | 192.168.108.124 laptop.myDomain laptop | 192.168.108.101 server.myDomain server | #Rikishi's net | 192.168.8.142 gramps.rikishi42.net gramps | 192.168.8.181 pigmy.rikishi42.net pigmy | We've allways used this, works just fine. | When connectiong to my machines, he's allways used the short (host only) | name. Last time, he accidentally tried with the full name. It failed. How is he trying connect to your box ? And are you sure, it failed at name resolution step, not something like connection etc. ? To resolve a hostname yourself, you can try "getent hosts <hostname>" . | My guess is that, upon finding that rikishi42.net exists, there is an | attempt to get the address from the DNS, skipping hosts all together. | But do I presume correctly, or is there more to it? It all depends on "/etc/nsswitch.conf"'s "hosts" entry. Usually "hosts" entry has "files" first and then "dns". But anyways, even if order is reverse, then also it should work, if it is not able to resolve from DNS. Anyways I added your records in my /etc/hosts and it is able to resolve 'gramps.rikishi42.net' without any problems. | -- | There is an art, it says, or rather, a knack to flying. | The knack lies in learning how to throw yourself at the ground and miss. | Douglas Adams Anyways, you can instead of adding each other's boxes in /etc/hosts, there is one more way, which you can try. i.e. Avahi ( http://avahi.org/ ) . HTH - -- Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/ ·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHK3KdHy+EEHYuXnQRArHrAJ0dOR9cpFYjjqCMoxozdP yhi555wwCg7kdV lndtGZxKxNnPX5e3Avip+0A= =4AKA -----END PGP SIGNATURE-----
|
|
11-02-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
On 2007-11-02, Paul Colquhoun <postmaster@andor.dropbear.id.au> wrote:
> /etc/nsswitch.conf determines whether DNS or /etc/hosts is checked > first, and whether the other is checked at all. Didn't know that one, thanks. I'll check it out. > Sounds like your friend might have DNS first. The second choice is > generally only checked if the first fails (i.e DNS is unreachable). If > DNS returns a "host does not exist" error, that does not trigger a fall > back to /etc/hosts. Seems exactly what I feared. I'll check his config, next time he visits. -- There is an art, it says, or rather, a knack to flying. The knack lies in learning how to throw yourself at the ground and miss. Douglas Adams
|
|
11-02-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
On 2007-11-02, Ashish Shukla ???? ????? <wahjava@gmail.com> wrote:
>| We've allways used this, works just fine. >| When connectiong to my machines, he's allways used the short (host only) >| name. Last time, he accidentally tried with the full name. It failed. > > How is he trying connect to your box ? And are you sure, it failed at > name resolution step, not something like connection etc. ? To resolve > a hostname yourself, you can try "getent hosts <hostname>" . Connection is OK, since the short names worked. Thanks for getent, I leared something. >| My guess is that, upon finding that rikishi42.net exists, there is an >| attempt to get the address from the DNS, skipping hosts all together. > >| But do I presume correctly, or is there more to it? > > It all depends on "/etc/nsswitch.conf"'s "hosts" entry. Usually > "hosts" entry has "files" first and then "dns". But anyways, even if > order is reverse, then also it should work, if it is not able to > resolve from DNS. > > Anyways I added your records in my /etc/hosts and it is able to > resolve 'gramps.rikishi42.net' without any problems. That would confirm that his nsswitch is not set correctly. Thanks for the info. -- There is an art, it says, or rather, a knack to flying. The knack lies in learning how to throw yourself at the ground and miss. Douglas Adams
|
|
11-02-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
On Fri, 2 Nov 2007, in the Usenet newsgroup comp.os.linux.networking, in article
<b5frv4-0qn.ln1@whisper.very.softly>, Rikishi 42 wrote: >He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he >visits and connects it to my LAN. > >This would be a sample from that file: > ># Home net >192.168.108.101 desktop.myDomain desktop >192.168.108.124 laptop.myDomain laptop >192.168.108.101 server.myDomain server Minor quibble - a given hostname OR IP address should appear on one line only. >#Rikishi's net >192.168.8.142 gramps.rikishi42.net gramps >192.168.8.181 pigmy.rikishi42.net pigmy > >We've allways used this, works just fine. >When connectiong to my machines, he's allways used the short (host only) >name. Last time, he accidentally tried with the full name. It failed. Might be interesting to know what is in /etc/resolv.conf - domain or search lines? >My guess is that, upon finding that rikishi42.net exists, there is an >attempt to get the address from the DNS, skipping hosts all together. No - how would it know that a domainname exists in DNS without asking the DNS? >But do I presume correctly, or is there more to it? There are two files that control the order in which the hosts file or DNS is consulted. Older applications used /etc/host.conf, and this has a simple line that reads order hosts,bind which translates to 'check the hosts file, and if the hostname is not found, check DNS'. The second (more modern file) is /etc/nsswitch.conf which has it's own man page [compton ~]$ whatis nsswitch.conf nsswitch.conf [nsswitch] (5) - System Databases and Name Service Switch configuration file [compton ~]$ and a common configuration might be hosts: files nisplus nis dns which translates to 'check the hosts file, and if the hostname is not found, check NIS+ and if the hostname is not found check NIS, and if the hostname is not found check DNS". This line might be shortened by eliminating the NIS terms if you don't have NIS or NIS+ servers on your LAN (most don't). The other possible problem is the '/etc/resolv.conf' file, and the brain-dead use of 'domain' and/or 'search' lines. These lines allow use of short names in DNS - which may or may not be a massive security hole. There are a number of man pages you can look at - start with 'gethostbyname', 'resolver (5)' and 'hostname'. Perhaps the best way to troubleshoot DNS problems is to simply use a packet sniffer and LOOK at the questions (and answers) you are tossing at the name server. /usr/sbin/tcpdump -ni eth0 port 53 might give the clues needed. The DNS-HOWTO offers some assistance if you don't know what this dialog should look like. Old guy
|
|
11-03-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 ,--- Paul Colquhoun writes: [...] | Sounds like your friend might have DNS first. The second choice is | generally only checked if the first fails (i.e DNS is unreachable). If | DNS returns a "host does not exist" error, that does not trigger a fall | back to /etc/hosts. If 'dns' returns 'host doesn't exist' (i.e. NOTFOUND, for details checkout nsswitch.conf(5)), then the default action will be to continue, unless your friend's 'hosts' entry in '/etc/nsswitch.conf' is similar to following entry: hosts: dns [NOTFOUND=return] files According to above entry, if 'dns' returns NOTFOUND, name resolution should end there only, didn't proceed to 'files' . HTH - -- Ashish Shukla आशीष शुक्ल http://wahjava.wordpress.com/ ·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHK6RjHy+EEHYuXnQRAvHDAKCqTIZNh6ovmpWC9OKEhu KVOXqd4gCgqJj4 k/t2RAq4muAkJs7KHfga8dk= =s4wh -----END PGP SIGNATURE-----
|
|
11-03-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
Rikishi 42 <skunkworks@rikishi42.net> writes:
>This is the situation: a friend and I both use a broadband router with a few >machines behind them, at our respective homes. We each picked a name for our >'domain'. His is fictional. Mine also exists on the net, but with only the >www and ftp of rikishi42.net defined in the DNS, not my home machines. >He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he >visits and connects it to my LAN. >This would be a sample from that file: ># Home net >192.168.108.101 desktop.myDomain desktop >192.168.108.124 laptop.myDomain laptop >192.168.108.101 server.myDomain server >#Rikishi's net >192.168.8.142 gramps.rikishi42.net gramps >192.168.8.181 pigmy.rikishi42.net pigmy >We've allways used this, works just fine. >When connectiong to my machines, he's allways used the short (host only) >name. Last time, he accidentally tried with the full name. It failed. >My guess is that, upon finding that rikishi42.net exists, there is an >attempt to get the address from the DNS, skipping hosts all together. It depends on whether he told his system to look for the address in hosts or in dns first. /etc/hosts.conf and /etc/nsswitch.conf >But do I presume correctly, or is there more to it? >-- >There is an art, it says, or rather, a knack to flying. >The knack lies in learning how to throw yourself at the ground and miss. >Douglas Adams
|
|
11-03-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
> This is the situation: a friend and I both use a broadband router with a few
> machines behind them, at our respective homes. We each picked a name for our > 'domain'. His is fictional. Mine also exists on the net, but with only the > www and ftp of rikishi42.net defined in the DNS, not my home machines. > He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he > visits and connects it to my LAN. This will not answer your question but you may want to try and use DHCP with `dnsmasq' on your home network. This way you can setup your local dns proxy to serve names for your local network. E.g. I have my router use a fictional ".home" domain and all the machines that connect to it get a name there and can lookup each other without having to twiddle any /etc/hosts file. Better yet: the name they get is determined by the machine's name (passed to the DHCP server), so I don't even have a centralized database that maps names to IP either: it's all setup dynamically (although you do have to ask GNU/Linux's dhcp client to pass this name explicitly because it doesn't do it by default contrary to Mac OS X's). Stefan
|
|
11-03-2007
|
|||
|
|||
|
Re: Is there any point to full host names in /etc/hosts ?
Moe Trin wrote:
> On Fri, 2 Nov 2007, in the Usenet newsgroup comp.os.linux.networking, in article > <b5frv4-0qn.ln1@whisper.very.softly>, Rikishi 42 wrote: > >> He's added 2 of my PC's in the /etc/hosts of his laptop, for use when he >> visits and connects it to my LAN. >> >> This would be a sample from that file: >> >> # Home net >> 192.168.108.101 desktop.myDomain desktop >> 192.168.108.124 laptop.myDomain laptop >> 192.168.108.101 server.myDomain server > > Minor quibble - a given hostname OR IP address should appear on one > line only. That's is correct the format is [internet address] [domain name] [alias] > >> #Rikishi's net >> 192.168.8.142 gramps.rikishi42.net gramps >> 192.168.8.181 pigmy.rikishi42.net pigmy >> >> We've allways used this, works just fine. >> When connectiong to my machines, he's allways used the short (host only) >> name. Last time, he accidentally tried with the full name. It failed. > > Might be interesting to know what is in /etc/resolv.conf - domain or > search lines? > >> My guess is that, upon finding that rikishi42.net exists, there is an >> attempt to get the address from the DNS, skipping hosts all together. > > No - how would it know that a domainname exists in DNS without asking > the DNS? > >> But do I presume correctly, or is there more to it? > > There are two files that control the order in which the hosts file or > DNS is consulted. Older applications used /etc/host.conf, and this > has a simple line that reads > > order hosts,bind > > which translates to 'check the hosts file, and if the hostname is not > found, check DNS'. The second (more modern file) is /etc/nsswitch.conf > which has it's own man page > > [compton ~]$ whatis nsswitch.conf > nsswitch.conf [nsswitch] (5) - System Databases and Name Service Switch > configuration file > [compton ~]$ > > and a common configuration might be > > hosts: files nisplus nis dns > > which translates to 'check the hosts file, and if the hostname is not > found, check NIS+ and if the hostname is not found check NIS, and if the > hostname is not found check DNS". This line might be shortened by > eliminating the NIS terms if you don't have NIS or NIS+ servers on your > LAN (most don't). > > The other possible problem is the '/etc/resolv.conf' file, and the > brain-dead use of 'domain' and/or 'search' lines. These lines allow > use of short names in DNS - which may or may not be a massive security > hole. There are a number of man pages you can look at - start with > 'gethostbyname', 'resolver (5)' and 'hostname'. > > Perhaps the best way to troubleshoot DNS problems is to simply use a > packet sniffer and LOOK at the questions (and answers) you are tossing > at the name server. > > /usr/sbin/tcpdump -ni eth0 port 53 > > might give the clues needed. The DNS-HOWTO offers some assistance if > you don't know what this dialog should look like. > > Old guy >
|
Linear Mode
