9.7 Configuring the Order in Which a Resolver Uses DNS, /etc/hosts, and NIS

9.7.1 Problem

You want to configure the order in which a system's resolver consults various naming services.

9.7.2 Solution

Some vendor's BIND resolvers support configuration of the order in which the resolvers look up names using the various naming services they support. These naming services may include DNS, NIS, NIS+ and /etc/hosts. On the Solaris and HP-UX operating systems, as well as recent versions of Linux and Irix, resolver service order is configured using the nsswitch.conf file, which usually resides in the /etc directory. Lines in nsswitch.conf begin with the name of a database, followed by a colon and a list of one or more sources. For the resolver, the database name is hosts, and the possible sources are:

dns

The name servers listed in resolv.conf

files

/etc/hosts

nis

Sun's Network Information Service

nisplus

Sun's NIS+

The resolver tries the sources in the order listed, so to tell the resolver to check /etc/hosts before querying a name server, you could add this line to nsswitch.conf:

hosts: files dns

By default, the resolver continues to the next source if the previous isn't available or can't find a name. You can modify this behavior by adding condition=action clauses between source names. The possible conditions are:

unavail

True if the previous source hasn't been configured (for example, for DNS, there's no local name server running and no resolv.conf file).

notfound

True if a lookup using the previous source returns an answer that indicates that the name doesn't exist.

tryagain

True if a lookup using the previous source indicates a temporary failure (for example, a DNS query timeout).

success

True if a lookup using the previous source succeeds.

The supported actions are either return (return the result from the previous source) or continue (go on to the next source). The clause is written in square brackets:

hosts: files [notfound=continue] dns

On Windows 95, 98, and ME, you can configure resolver service order by adding subkeys to the following Registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP\ServiceProvider 

The four Registry subkeys, each a signed, 16-bit number in hexadecimal format, control the order in which the Windows resolver uses the HOSTS and LMHOSTS files, name servers, and NBT queries to resolve names:

LocalPriority

The LMHOSTS file, default priority 499

HostsPriority

The HOSTS file, default priority 500

DNSPriority

The configured name servers, default priority 2000

NetbtPriority

NBT queries, default priority 2001

The lower the value of the key, the earlier the resolver uses that naming service. Deleting a subkey prevents the resolver from using the corresponding service.

9.7.3 Discussion

Some older versions of Linux support configuration of the service order using a file called host.conf; try man host.conf to see if your version does.

The only support in Windows NT 4.0 and Windows 2000 for configuring the service order is a single Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DnsNbtLookupOrder

The default value, 0, tells the resolver to query name servers before using NBT queries. Set the value to 1 to instruct the resolver to use NBT queries first.

9.7.4 See Also

"Vendor-Specific Options" in Chapter 6 of DNS and BIND.