What is proper relationship between /etc/hosts and DNS A records for a Linux server?
Solution 1
The proper relationship between /etc/hosts entries and DNS is that if you have working DNS /etc/hosts should only contain entries for localhost (pointing to 127.0.0.1 and ::1). Mucking about with a hosts file when you have working DNS is just a way to create strange behavior and trouble later. [1]
If you need reverse DNS contact your ISP (Linode) and ask them to set an appropriate PTR record for your IP address.
There is no requirement for the PTR record to match an A record (or indeed for any host with that name to exist at all: 69.18.136.215 reverses to cl136-215.invision.net, which does not have a forward address), so you can set the PTR name to match an A record, a CNAME, or to any valid DNS name you would like.
[1] As with all rules, exceptions exist. Your case does not sound like one of them.
Solution 2
If you put those entries in the /etc/hosts file your system will bypass DNS and use the entry from the hosts file.
This could complicate the debugging if something in one of these configs (DNS or hosts file) is wrong. Or you have strange behaviours if you change the DNS records and forget the /etc/hosts file.
You can use the /etc/hosts file for testing purposes, for example testing your site before DNS changes are made.
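An added example, not part of any answer on this page: a small Python audit of the effect Solutions 1 and 2 describe, listing each non-loopback hosts entry and whether it duplicates, conflicts with, or has no counterpart in DNS. The hosts content reuses the question's addresses; the SAMPLE_DNS table, its 203.0.113.10 value and the function names are constructed for illustration, and the usual files-before-dns lookup order is assumed.

```python
import ipaddress

# Constructed sample: the hosts file proposed in the question, plus localhost.
SAMPLE_HOSTS = """\
127.0.0.1 localhost
::1 localhost ip6-localhost
127.0.1.1 trinity.local trinity
99.100.101.102 trinity.example.com trinity www.example.com  # public IP
"""

# Constructed stand-in for the current DNS A records after a renumbering that
# nobody mirrored into /etc/hosts. In practice, fill this from real lookups.
SAMPLE_DNS = {
    "trinity.example.com": {"203.0.113.10"},
    "www.example.com": {"203.0.113.10"},
}


def parse_hosts(text):
    """Yield (ip, [names]) per entry, ignoring comments and blank lines."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address field: not a usable entry
        yield ip, [n.lower() for n in fields[1:]]


def audit_hosts(text, dns_records):
    """Return (name, hosts_ip, status) for every non-loopback hosts entry."""
    findings = []
    for ip, names in parse_hosts(text):
        if ip.is_loopback:
            continue  # 127.0.0.0/8 and ::1 are the expected local entries
        for name in names:
            answers = dns_records.get(name)
            if answers is None:
                status = "hosts-only"          # no DNS record to compare
            elif str(ip) in answers:
                status = "duplicates-dns"      # second source of truth
            else:
                status = "conflicts-with-dns"  # stale entry shadows DNS
            findings.append((name, str(ip), status))
    return findings
```

Run against the sample, both FQDNs come back as conflicts-with-dns: the host would keep using 99.100.101.102 locally while every other client follows DNS to the new address.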
Solution 3
In your system setup, the /etc/hosts file is probably read before resorting to DNS lookups. So I'd probably provide the system's IP, fully-qualified domain name (trinity.example.com), the short name (trinity) and the website address (www.example.com).
Here's a guide for the format of your hosts file. See: Setting the hostname: FQDN or short name?
Manos Vajasan
Updated on September 18, 2022
Comments
-
Manos Vajasan almost 2 years
I have an Ubuntu server. It is going to be a web server with a URI of www.example.com. I have a DNS A record pointing www.example.com to the server's IP address.
Let's say I pick "trinity" as the hostname for this server.
I want to set up the DNS records correctly. I need reverse DNS to www.example.com, so a CNAME for www.example.com doesn't seem appropriate. Here's my question:
Is it considered best practice to set up two DNS records (which in my case would likely be two A records), one for www.example.com and one for trinity.example.com, both pointing to this server's IP address? (Or, even if it is not accepted as a best practice, is it a good idea?)
If so, would the following be a proper /etc/hosts file?
    $ cat /etc/hosts
    127.0.1.1 trinity.local trinity
    99.100.101.102 trinity.example.com trinity www.example.com
This server is a Linode and Linode's docs seem to imply that the above approach is best (if I am reading them correctly). Here's the relevant section. I bolded the line that seems to apply here.
Update /etc/hosts
Next, edit your /etc/hosts file to resemble the following example, replacing "plato" with your chosen hostname, "example.com" with your system's domain name, and "12.34.56.78" with your system's IP address. As with the hostname, the domain name part of your FQDN does not necessarily need to have any relationship to websites or other services hosted on the server (although it may if you wish). As an example, you might host "www.something.com" on your server, but the system's FQDN might be "mars.somethingelse.com."
File:/etc/hosts
    127.0.0.1 localhost.localdomain localhost
    12.34.56.78 plato.example.com plato
The value you assign as your system's FQDN should have an "A" record in DNS pointing to your Linode's IP address. For more information on configuring DNS, please see our guide on configuring DNS with the Linode Manager.
-
SunSparc about 11 years
To answer your question about setting up two DNS records for a server, the answer is, "yes, depending on your needs". If a service or users need access to your server using different names, by all means, set up as many DNS records as you need. There is no harm in it. And concerning A/CNAME records. If you can make an A record, you should. CNAME records should be used as a last resort. (According to D. J. Bernstein)
-
Manos Vajasan about 12 years
I don't have a local DNS server.
-
Manos Vajasan about 12 years
I read the link and your response. It sounds like you agree with what I proposed in my question, but I am still not 100% clear on this. And what about the two DNS A records?
-
Taucher about 12 years
Sorry, I wrote it unclearly. I meant your server resolves the FQDNs from its local /etc/hosts and not from the DNS server.
-
ewwhite about 12 years
Your external/internal DNS A record needs to resolve any names you wish to use for the server. So, an A record for example.com, a CNAME for www.example.com, and an A record for trinity.example.com.
-
Manos Vajasan about 12 years
I need reverse DNS, so a CNAME for www.example.com doesn't seem appropriate. I would prefer an A record for www.example.com. That will leave me with 2 A records, and that seems strange to me. I'll add this to my question. Thanks.
-
Manos Vajasan about 12 years
I don't understand why this answer is getting upvoted the most because this is a completely non-standard way of doing it in Ubuntu. In every Ubuntu server I have seen, the /etc/hosts file always has an entry for the public IP address. I admit -- I'm confused now.
-
voretaq7 about 12 years
@MountainX "Ubuntu does it that way" doesn't fly with me -- Ubuntu is FULL of broken behavior and this strikes me as yet another case of it. Two questions to consider -- Question 1: What happens when I change the public IP? Question 2: What happens if I do it by editing the config file rather than using the magical config GUI?
-
voretaq7 about 12 years
Also consider an axiom of system administration: There should be one and only one authoritative source for any piece of information -- Having entries for something in your hosts file that also exists in DNS violates that axiom and invites trouble later...