Configuring Name Resolver Settings
When configuring IP settings for a network interface, you also need to
specify the system’s hostname and the IP address of your DNS server.
Because you are most likely a savvy Internet user, you know that you
can use domain names to navigate to particular hosts on the Web.
However, your Linux system (or any other operating system, for that
matter) actually can’t work with the alphanumeric domain names that we
are used to.
For example, when you open a browser window and enter
http://www.google.com in the URL field, your browser, IP stack, and
operating system have no clue where to go to get the requested
information. To make this work, your local system needs to first
resolve these domain names into IP addresses.
In the old days, basic hostname-to-IP-address resolution was performed
by the /etc/hosts file, which contains IP-address-to-hostname mappings.
NOTE
The /etc/hosts file still exists on Linux systems. In fact, it is
the first name resolver used by default.
Only if a record for the requested domain name doesn’t exist in the hosts file
will the operating system then try to resolve the hostname using DNS. Because
of this, you have to manage your hosts file very carefully. Many
network hacks exploit this function of the operating system. A
malicious website or malware may try to rewrite your hosts file with
name mappings that point you to fake websites on the Internet that
look like your favorite auction or banking site but instead are
elaborate phishing websites designed to steal your personal
information.
The hosts file contains one line per host record. The syntax is
IP_address host_name alias
For example, consider the following hosts file entry:
192.168.1.1 mylinux.mydom.com mylinux
This record resolves either the fully qualified DNS name of
mylinux.mydom.com or the alias (CNAME) of mylinux to an IP address of
192.168.1.1. Usually this file only contains the IP address and
hostname of the local system, but you can add other entries too.
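Because the hosts file is consulted before DNS, a quick audit of its records is a useful check for the tampering described in the note above. The following is an added example, not part of the original text: it parses records in the IP_address host_name alias syntax and flags malformed lines and names the system is not expected to define. The sample content, the EXPECTED_NAMES allowlist, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample hosts file content (not from a real system).
SAMPLE_HOSTS = """\
# local entries
127.0.0.1   localhost
192.168.1.1 mylinux.mydom.com mylinux
203.0.113.50 www.examplebank.test examplebank.test   # unexpected override
not-an-ip   broken.entry
"""

# Assumption: the only names this system is expected to define locally.
EXPECTED_NAMES = {"localhost", "mylinux.mydom.com", "mylinux"}


def parse_hosts(text):
    """Yield (line_no, ip, names) per record; ip is None if it does not parse."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        yield line_no, ip, fields[1:]


def audit_hosts(text, expected=EXPECTED_NAMES):
    """Return a list of (line_no, reason) findings for the given hosts text."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if ip is None:
            findings.append((line_no, "malformed IP address"))
            continue
        if not names:
            findings.append((line_no, "record has no hostname"))
            continue
        unexpected = [n for n in names if n.lower() not in expected]
        if unexpected:
            findings.append((line_no, f"unexpected name(s) {unexpected} -> {ip}"))
    return findings


if __name__ == "__main__":
    for line_no, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {reason}")
```

To check a live system, pass the contents of /etc/hosts to audit_hosts() with an allowlist that matches that host.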
Using the hosts file to resolve hostnames works just fine; however, it
really isn’t feasible as the sole means of name resolution. The file
would have to be huge in order to resolve all the domain names used by
hosts on the Internet. In addition, you would have to manually add,
remove, and modify hostname mappings in the file whenever a domain
name changed on the Internet. What a nightmare! Can you imagine trying
to manage this type of hosts file for an entire network of users?
A better option is to submit the domain name to a DNS server. When a
DNS server receives a name resolution request, it matches the domain
name submitted with an IP address and returns it to the requesting
system. Your system can then contact the specified host using its IP
address. Here’s how it works:
1. The system needing to resolve a hostname sends a request to the DNS
server it has been configured to use on IP port 53. If the DNS server
is authoritative for the zone where the requested hostname resides,
it responds with the appropriate IP address. If not, the process
continues on to step 2.
NOTE A DNS server is considered to be authoritative if it has a record
for the domain name being requested in its database of name mappings.
2. The DNS server sends a request to a root-level DNS server. There
are 13 root-level DNS servers on the Internet. Every DNS server is
automatically configured with the IP addresses of these servers. These
root-level DNS servers are configured with records that resolve to
authoritative DNS servers for each top-level domain (.com, .gov, .edu,
.au, .de, .uk, .ca, and so on).
3. The root-level DNS server responds to your DNS server with the IP
address of a DNS server that is authoritative for the top-level domain
of the domain name you are trying to resolve.
4. Your DNS server sends the name resolution query to the DNS server
that is authoritative for the hostname’s top-level domain (such as
.com).
5. The top-level domain DNS server responds to your DNS server with
the IP address of a DNS server that’s authoritative for the DNS zone
of the hostname you need to resolve.
6. Your DNS server sends a name resolution request to the DNS server
that’s authoritative for the zone where the hostname you are trying to
resolve resides.
7. The authoritative DNS server responds to your DNS server with the
IP address for the hostname.
8. Your DNS server responds to your system with the IP address mapped
to the hostname, and the respective system is contacted using this IP
address.
NOTE Once this process happens for a particular name mapping, most DNS
servers will cache the mapping for a period of time. That way, if a
resolution request for the same hostname is received again, they can
respond directly to the client without going through this whole
process again.
Therefore, to make this system work, you must provide your system with
the IP address of the DNS server you want it to use. This is
configured in the /etc/resolv.conf file. This file defines the search
prefix and the name servers to use. Here is some sample content from my
openSUSE system’s resolv.conf file:
search mydom.com
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 192.168.2.1
As you can see in this example, the file contains two types of entries:
• search Specifies the domain name that should be used to fill out
incomplete hostnames. For example, if you were to try to resolve a
hostname of WS1, the name will be automatically converted to the fully
qualified domain name of WS1.mydom.com. The syntax is
search domain
• nameserver Specifies the IP address of the DNS server you want to
use for name resolution. You can configure up to three DNS servers. If
the first server fails or is otherwise unreachable, the next DNS
server is used. The syntax is
nameserver DNS_server_IP_address
You can use the /etc/nsswitch.conf (name service switch) file to define
the order in which services will be used for name resolution. Here are
the two lines of the file you need to be concerned with:
hosts: files dns
networks: files dns
These two entries specify that the /etc/hosts file (files) is
consulted first for name resolution. If there is no applicable entry,
the query is then sent to the DNS server (dns) specified in the
resolv.conf file.
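The resolver settings described above can be checked the same way. The following is an added example, not part of the original text: it reads resolv.conf and nsswitch.conf content and reports name servers beyond the three-server limit, name servers that are not on an approved list, and a hosts lookup order other than files then dns. The sample content, the APPROVED set, and the function names are assumptions made for illustration.

```python
# Constructed sample file contents (not taken from a real system).
SAMPLE_RESOLV = """\
search mydom.com
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 192.168.2.1
nameserver 198.51.100.7
"""
SAMPLE_NSSWITCH = """\
hosts:    dns files
networks: files dns
"""

# Assumption: the resolvers approved for this site.
APPROVED = {"8.8.8.8", "8.8.4.4", "192.168.2.1"}
MAX_NAMESERVERS = 3  # limit stated in the text above


def parse_resolv(text):
    """Return (search_domains, nameservers) from resolv.conf text."""
    search, servers = [], []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields[:1] == ["search"]:
            search = fields[1:]
        elif fields[:1] == ["nameserver"] and len(fields) > 1:
            servers.append(fields[1])
    return search, servers


def hosts_order(text):
    """Return the list of sources on the 'hosts:' line of nsswitch.conf text."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields and fields[0] == "hosts:":
            return fields[1:]
    return []


def audit(resolv_text, nsswitch_text, approved=APPROVED):
    """Return a list of findings (strings) for the two configuration texts."""
    _, servers = parse_resolv(resolv_text)
    findings = [f"nameserver {s} exceeds the limit of {MAX_NAMESERVERS}"
                for s in servers[MAX_NAMESERVERS:]]
    findings += [f"nameserver {s} is not an approved resolver"
                 for s in servers[:MAX_NAMESERVERS] if s not in approved]
    order = hosts_order(nsswitch_text)
    if order[:2] != ["files", "dns"]:
        findings.append(f"hosts lookup order is {order}, expected files then dns")
    return findings
```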
TIP You can use the hostname command at the shell prompt to show or set
the system’s hostname. You can also use the dnsdomainname command to
show the system’s DNS domain name.
LX0-104 Exam Objectives (S)