Thread: hosts seems to not be used by the resolver (Linux Operating System forums, Unix Operating Systems category)
| ||||
hello,

We have two environments, one for test and one for the production. Because our applications need the hostname in a lot of configuration files, we choose to leave the hostname of the production server in the configuration of the test environment. Therefore, to resolve the ip address to the proper server we have an entry in a DNS server to resolve for the production server. For the test environment, we defined an entry like "11.22.33.44 prodsrv" in /etc/hosts and we have "hosts: files dns" in the file /etc/nsswitch.conf.

Now, on our test server when we do `nslookup prodsrv`, it gives us the ip address of the production server rather than the address of the test server.

How come nslookup on the test server does not resolve to the ip address of test server? What could be wrong?

Our linux distro is SuSE version 9 patchlevel 2.

Thanks in advance,
Bernard
| |||
On Thu, 03 Aug 2006 11:39:02 -0700, x wrote:

> Now, on our test server when we do `nslookup prodsrv`, it gives us the
> ip address of the production server rather than the address of the test
> server.

nslookup does not refer to the /etc/hosts file.
| |||
Dave Uhring wrote:

> On Thu, 03 Aug 2006 11:39:02 -0700, x wrote:
>
>> Now, on our test server when we do `nslookup prodsrv`, it gives us
>> the ip address of the production server rather than the address of
>> the test server.
>
> nslookup does not refer to the /etc/hosts file.

This is exactly why DNS and /etc/hosts should never be allowed to *conflict* in their information for the same hosts or IP addresses. Tools which use one source of data will argue with the other.
| |||
xi@videotron.ca writes:

>hello,

>We have two environments, one for test and one for the production.
>Because our applications need the hostname in a lot of configuration
>files, we choose to leave the hostname of the production server in the
>configuration of the test environment. Therefore, to resolve the ip
>address to the proper server we have an entry in a DNS server to
>resolve for the production server. For the test environment, we
>defined an entry like "11.22.33.44 prodsrv" in /etc/hosts and we
>have "hosts: files dns" in the file /etc/nsswitch.conf.

>Now, on our test server when we do `nslookup prodsrv`, it gives us the
>ip address of the production server rather than the address of the test
>server.

nslookup is the wrong tool. Its whole purpose is to query dns servers.
Do
ping prodsrv
and look at the address used if you want to see if something uses
/etc/hosts.

>How come nslookup on the test server does not resolve to the ip address
>of test server? What could be wrong?

>Our linux distro is SuSE version 9 patchlevel 2.

>Thanks in advance,
>Bernard
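Added example (not part of any post in this thread): a simplified Python model of the difference described in the reply above, where lookups that follow the `hosts:` line in /etc/nsswitch.conf see the /etc/hosts entry and a DNS-only tool such as nslookup does not. The DNS address 192.0.2.10 and all function names are constructed for illustration; bracketed nsswitch actions are not modelled.

```python
# Constructed inputs: the hosts: line and the hosts entry are quoted in the
# thread; the DNS answer 192.0.2.10 is a placeholder for the production record.
NSSWITCH = "passwd: compat\nhosts: files dns\n"
HOSTS = "127.0.0.1 localhost\n11.22.33.44 prodsrv  # test server\n"
DNS = {"prodsrv": "192.0.2.10"}


def nss_hosts_order(nsswitch_text):
    """Return the lookup sources on the 'hosts:' line, in order."""
    for line in nsswitch_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] == "hosts:":
            # Assumption: bracketed actions like [NOTFOUND=return] are skipped.
            return [f for f in fields[1:] if not f.startswith("[")]
    return []


def parse_hosts(hosts_text):
    """Map every name and alias to its address; the first entry wins."""
    table = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table


def resolve_via_nss(name, order, hosts, dns):
    """Model of a resolver-library lookup: try each source in order."""
    sources = {"files": hosts, "dns": dns}
    for source in order:
        addr = sources.get(source, {}).get(name.lower())
        if addr:
            return addr, source
    return None, None


def resolve_dns_only(name, dns):
    """Model of nslookup: only the DNS data is consulted."""
    return dns.get(name.lower())


def shadowed_names(hosts, dns):
    """Names whose hosts-file address overrides a different DNS answer."""
    return {n: (ip, dns[n]) for n, ip in hosts.items() if n in dns and dns[n] != ip}


if __name__ == "__main__":
    order, hosts = nss_hosts_order(NSSWITCH), parse_hosts(HOSTS)
    print("applications see:", resolve_via_nss("prodsrv", order, hosts, DNS))
    print("nslookup sees:   ", resolve_dns_only("prodsrv", DNS))
    print("overrides:       ", shadowed_names(hosts, DNS))
```

Running `shadowed_names` over a real hosts file and the addresses DNS returns for the same names lists every entry that silently redirects applications while DNS tools report something else.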
| |||
"Nico Kadel-Garcia" <nkadel@comcast.net> writes:

>Dave Uhring wrote:
>> On Thu, 03 Aug 2006 11:39:02 -0700, x wrote:
>>
>>> Now, on our test server when we do `nslookup prodsrv`, it gives us
>>> the ip address of the production server rather than the address of
>>> the test server.
>>
>> nslookup does not refer to the /etc/hosts file.

>This is exactly why DNS and /etc/hosts should never be allowed to *conflict*
>in their information for the same hosts or IP addresses. Tools which use one
>source of data will argue with the other.

Only if they are allowed into the same room together. Why would anyone use nslookup for anything except giving information to a human?
| |||
Unruh wrote:

> "Nico Kadel-Garcia" <nkadel@comcast.net> writes:
>
>> Dave Uhring wrote:
>>> On Thu, 03 Aug 2006 11:39:02 -0700, x wrote:
>>>
>>>> Now, on our test server when we do `nslookup prodsrv`, it gives us
>>>> the ip address of the production server rather than the address of
>>>> the test server.
>>>
>>> nslookup does not refer to the /etc/hosts file.
>
>> This is exactly why DNS and /etc/hosts should never be allowed to
>> *conflict* in their information for the same hosts or IP addresses.
>> Tools which use one source of data will argue with the other.
>
> Only if they are allowed into the same room together. Why would
> anyone use nslookup for anything except giving information to a human?

Because nslookup is hardly the only thing that does DNS checking. Take a look at the contents of your /etc/nsswitch.conf to see if it's actually set to use "files" or "dns" first: then look what happens if you change the order around, then add "nis" with the automatic or semi-automatic configuration tools and your order gets messed up. Then look at tools like SSH that do reverse DNS lookups and watch the craziness *they* create when you wind up with two IP addresses corresponding to the same hostname.
| |||
Unruh wrote:

> xi@videotron.ca writes:
>
> >hello,
>
> >We have two environments, one for test and one for the production.
> >Because our applications need the hostname in a lot of configuration
> >files, we choose to leave the hostname of the production server in the
> >configuration of the test environment. Therefore, to resolve the ip
> >address to the proper server we have an entry in a DNS server to
> >resolve for the production server. For the test environment, we
> >defined an entry like "11.22.33.44 prodsrv" in /etc/hosts and we
> >have "hosts: files dns" in the file /etc/nsswitch.conf.
>
> >Now, on our test server when we do `nslookup prodsrv`, it gives us the
> >ip address of the production server rather than the address of the test
> >server.
>
> nslookup is the wrong tool. Its whole purpose is to query dns servers.
> Do
> ping prodsrv
> and look at the address used if you want to see if something uses
> /etc/hosts.

Thanks! I didn't know nslookup and host, for that matter, do not use the hosts file. ping confirmed the resolution was as requested. Everything works smoothly now.

Thanks,
Bernard

> >How come nslookup on the test server does not resolve to the ip address
> >of test server? What could be wrong?
>
> >Our linux distro is SuSE version 9 patchlevel 2.
>
> >Thanks in advance,
> >Bernard
| |||
"Nico Kadel-Garcia" <nkadel@comcast.net> writes:

>Unruh wrote:
>> "Nico Kadel-Garcia" <nkadel@comcast.net> writes:
>>
>>> Dave Uhring wrote:
>>>> On Thu, 03 Aug 2006 11:39:02 -0700, x wrote:
>>>>
>>>>> Now, on our test server when we do `nslookup prodsrv`, it gives us
>>>>> the ip address of the production server rather than the address of
>>>>> the test server.
>>>>
>>>> nslookup does not refer to the /etc/hosts file.
>>
>>> This is exactly why DNS and /etc/hosts should never be allowed to
>>> *conflict* in their information for the same hosts or IP addresses.
>>> Tools which use one source of data will argue with the other.
>>
>> Only if they are allowed into the same room together. Why would
>> anyone use nslookup for anything except giving information to a human?

>Because nslookup is hardly the only thing that does DNS checking. Take a
>look at the contents of your /etc/nsswitch.conf to see if it's actually set
>to use "files" or "dns" first: then look what happens if you change the
>order around, then add "nis" with the automatic or semi-automatic
>configuration tools and your order gets messed up. Then look at tools like
>SSH that do reverse DNS lookups and watch the craziness *they* create when
>you wind up with two IP addresses corresponding to the same hostname.

??? If you have a hosts file you had better have the order files,hosts. Anything else would be silly. If you misuse an operating system, and it bites you, you should not be making laws about how others use theirs.

It is true that the new host lookup routines (which ssh uses and which are supposed to be ip6 ready) break almost everything for no discernable reason.
| ||||
Unruh wrote:

> "Nico Kadel-Garcia" <nkadel@comcast.net> writes:
>> Because nslookup is hardly the only thing that does DNS checking.
>> Take a look at the contents of your /etc/nsswitch.conf to see if
>> it's actually set to use "files" or "dns" first: then look what
>> happens if you change the order around, then add "nis" with the
>> automatic or semi-automatic configuration tools and your order gets
>> messed up. Then look at tools like SSH that do reverse DNS lookups
>> and watch the craziness *they* create when you wind up with two IP
>> addresses corresponding to the same hostname.
>
> ??? If you have a hosts file you had better have the order
> files,hosts. Anything else would be silly. If you misuse an
> operating system, and it bites you, you should not be making laws
> about how others use theirs.
>
> It is true that the new host lookup routines (which ssh uses and
> which are supposed to be ip6 ready) break almost everything for no
> discernable reason.

Then you haven't looked into SSH. SSH does forward and reverse DNS lookups, to verify that the host claiming to be "sshclient.whatever.com" and which is permitted to do key-based or host-based access is really, really the host expected, and so that connections can be logged with the appropriate hostname so you can tell where someone was connecting from. This is especially useful in dynamic DNS setups, like Windows machines in Active Directory and Linux boxes that register their hostnames in active DNS, so that connections from "mylaptop.whatever.com" are listed as actually coming from that hostname, not just the DNS. You can't rely on that in /etc/hosts: /etc/hosts is a serious legacy of when DNS was awkward and painful to set up, and it was easier to simply publish an /etc/hosts for your local network than to use a DNS server. These days, it's easy to run an internal DNS server that handles this sort of thing for you and avoids the conflicts.

It's often done by using "views", that provide one set of A records for internal use and another set for external or DMZ use.
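Added example (not part of any post in this thread, and not OpenSSH's code): a forward-confirmed reverse lookup of the kind described in the last post, showing how a hosts-file entry that disagrees with DNS turns into a mismatch. The lookup tables, the address 192.0.2.10 and the function names are constructed for illustration.

```python
import socket


def reverse_name(addr):
    """Address-to-name lookup through the system resolver (NSS order applies)."""
    try:
        return socket.gethostbyaddr(addr)[0]
    except OSError:
        return None


def forward_addrs(name):
    """Every address the system resolver returns for a name."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()


def verify_peer(addr, reverse=reverse_name, forward=forward_addrs):
    """Return (name_to_log, verdict) for a connecting address.

    The reverse name is accepted only if resolving it forward again yields
    the address the connection came from.
    """
    name = reverse(addr)
    if not name:
        return addr, "no-reverse"
    if addr in forward(name):
        return name, "confirmed"
    return addr, "mismatch"  # log the address, never the unverified name


# Constructed data: the hosts file maps prodsrv to 11.22.33.44 (from the
# thread) while DNS maps it to 192.0.2.10 (placeholder address).
HOSTS_REVERSE = {"11.22.33.44": "prodsrv"}
HOSTS_FORWARD = {"prodsrv": {"11.22.33.44"}}
DNS_FORWARD = {"prodsrv": {"192.0.2.10"}}


def check(addr, forward_table):
    """Run verify_peer against the constructed tables instead of the network."""
    return verify_peer(addr, HOSTS_REVERSE.get,
                       lambda name: forward_table.get(name, set()))


if __name__ == "__main__":
    print(check("11.22.33.44", HOSTS_FORWARD))  # both lookups use the hosts file
    print(check("11.22.33.44", DNS_FORWARD))    # reverse from hosts, forward from DNS
    print(check("198.51.100.7", DNS_FORWARD))   # no reverse entry at all
```

Called with its defaults, `verify_peer` uses the system resolver, so its answer depends on the `hosts:` order in /etc/nsswitch.conf on the machine doing the check.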