Why is my /etc/hosts file not queried when nslookup tries to resolve an address?
Solution 1
nslookup
only does proper DNS resolution, which is significantly different from the Name Service Switch subsystem that your other applications use; that is to say nslookup
ignores /etc/hosts
and mDNS.
To test local resolutions like that, use something that uses NSS. ping <hostname>
for example. Here's a simple demo based on an /etc/hosts
entry on my network.
$ nslookup bert
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find bert: NXDOMAIN
$ ping bert
PING bert (10.10.0.4) 56(84) bytes of data.
64 bytes from bert (10.10.0.4): icmp_seq=1 ttl=64 time=0.352 ms
64 bytes from bert (10.10.0.4): icmp_seq=2 ttl=64 time=0.407 ms
Note that there are DNS servers and proxies that can factor in an /etc/hosts
file. In these cases, nslookup
might return a result from a local source.
Solution 2
I guess that you want the name resolution from /etc/hosts
file for the specific host (mysite.com).
Another common problem that can cause this behavior is that you may have many entries on the /etc/hosts
file for the same IP, example:
1.1.1.1 host1.domain1.com
1.1.1.1 host2.domain2.com
In some implementations, this can cause the name resolution to get handed to DNS. A quick fix, group everything in 1 row
1.1.1.1 host1.domain1.com host2.domain2.com
Solution 3
Another common thing I see is where somebody (usually me) reverses the IP address with the hostname in /etc/hosts
- for example:
mysite.com 10.2.3.4
At first glance, it looks normal... Here is my solution about 50% of the time:
10.2.3.4 mysite.com
Related videos on Youtube
Mehran
Updated on September 18, 2022Comments
-
Mehran over 1 year
I have a couple of local domains resolved to
127.0.0.1
in my/etc/hosts
file. And it was all alright for a period of time but now when I run:nslookup test.local
It results in:
Server: 192.168.1.3 Address: 192.168.1.3#53 ** server can't find test.local: NXDOMAIN
The
192.168.1.3
is our network DNS and it's not supposed to know my local domaintest.local
. After a couple of searches I found that/etc/nsswitch.conf
file holds information on the priority of the DNS sources to query by. But there was no problem there! Here's mine:# /etc/nsswitch.conf # # Example configuration of GNU Name Service Switch functionality. # If you have the `glibc-doc-reference' and `info' packages installed, try: # `info libc "Name Service Switch"' for information about this file. passwd: compat group: compat shadow: compat hosts: files mdns4_minimal [NOTFOUND=return] dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis
So does anyone know why my
hosts
file is not included in DNS look-up? -
CybeX almost 7 yearsguilty of it this time...#sigh
-
Mikko Rantalainen over 6 yearsInstead of
ping
one should be usinggetent ahosts
because that does not require all the extra stuff thatping
has. -
m3nda about 6 yearsUsually the hosts files comes with predefined 127.0.0.1 localhost entry. Doing it wrong is so much wrong :-)