<HTML>
<HEAD>
<TITLE>Special Edition Using Linux, Fourth Edition:Configuring Domain Name Service</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>
-->
<!--ISBN=0789717468//-->
<!--TITLE=Special Edition Using Linux, Fourth Edition//-->
<!--AUTHOR=Jack Tackett//-->
<!--AUTHOR=Jr.//-->
<!--AUTHOR=Steve Burnett//-->
<!--PUBLISHER=Macmillan Computer Publishing//-->
<!--IMPRINT=Que//-->
<!--CHAPTER=25//-->
<!--PAGES=503-505//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->
<P><BR></P>
<H4 ALIGN="LEFT"><A NAME="Heading4"></A><FONT COLOR="#000077">The /etc/host.conf File</FONT></H4>
<P>The local resolver libraries are configured via a file named host.conf that’s located in the /etc directory. This file tells the resolver what services to use and in what order. This file is a plain ASCII file that lists resolver options, one per line. Fields in this file may be separated by spaces or tabs. The <TT>#</TT> character indicates the start of a comment.</P>
<P>Several options may be specified in the host.conf file, as shown in Table 25.2.</P>
<TABLE WIDTH="100%"><CAPTION ALIGN=LEFT><B>Table 25.2</B> Configuration Options for the /etc/host.conf File</CAPTION>
<TR>
<TH COLSPAN="2"><HR>
<TR>
<TH WIDTH="25%" ALIGN="LEFT">Option
<TH WIDTH="75%" ALIGN="LEFT">Description
<TR>
<TD COLSPAN="2"><HR>
<TR>
<TD VALIGN="TOP"><TT>order</TT>
<TD>Specifies in what order different name resolution mechanisms are tried. The specified resolving services are tried in the order listed. The following name resolution mechanisms are supported: <TT>hosts</TT> (attempts to resolve the name by looking in the local /etc/hosts file), <TT>bind</TT> (queries a DNS name server to resolve the name), and <TT>nis</TT> (uses the Network Information Service—NIS—protocol to try to resolve the host name).
<TR>
<TD VALIGN="TOP"><TT>alert</TT>
<TD>Takes <TT>off</TT> or <TT>on</TT> as arguments. If turned on, any attempt to spoof an IP address is logged via the <TT>syslog</TT> facility.
<TR>
<TD VALIGN="TOP"><TT>nospoof</TT>
<TD>If reverse resolution is used to match a host name to a specified address, resolves the host name that’s returned to verify that it does match the address that you queried. Prevents “spoofing” of IP addresses. Enabled by specifying <TT>nospoof on</TT>. Caution: Using this option can cause noticeable additional load on the server.
<TR>
<TD VALIGN="TOP"><TT>trim</TT>
<TD>Takes a domain name as an argument. <TT>trim</TT> removes the domain name before performing an /etc/hosts lookup on the name. This allows you to put just the base host name in /etc/hosts without specifying the domain name.
<TR>
<TD VALIGN="TOP"><TT>multi</TT>
<TD>Takes <TT>off</TT> or <TT>on</TT> as arguments. Used only with <TT>hosts</TT> queries to determine whether a host is allowed to have more than one IP address specified in /etc/hosts. This option has no effect on NIS or DNS queries.
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
<P>The following is an example of an /etc/host.conf configuration file that uses these options:
</P>
<!-- CODE //-->
<PRE>
# Sample /etc/host.conf file
#
# Lookup names via DNS first then fall back to /etc/hosts
order bind hosts
# We don’t have machines with multiple addresses
multi off
# check for IP address spoofing
nospoof on
# and warn us if someone attempts to spoof
alert on
# Trim the tristar.com domain name for host lookups
trim tristar.com
</PRE>
<!-- END CODE //-->
<P>This example shows a general resolver configuration for the domain tristar.com. The resolver looks up the host names by using DNS first and then tries the local /etc/hosts file.
</P>
<BLOCKQUOTE>
<P><FONT SIZE="-1"><HR><B>NOTE: </B>Specifying the local /etc/hosts file in the resolution search is a good idea. If for some reason your name servers should be unavailable, you can still resolve the names for hosts listed in your local hosts file. You should also keep a list of all your local hosts in your /etc/hosts files on each of your local computers.<HR></FONT>
</BLOCKQUOTE>
<P>Multiple IP addresses for a single machine are disabled. This host checks for IP address spoofing by re-resolving the host name that a reverse IP address lookup returns. This is a bit of a performance hit, but it helps make sure that no one is pretending to be a different host than they really are. Also, you’ve set up the resolver to warn you if an attempt to spoof is detected. Finally, the resolver trims the domain tristar.com from any host names that are looked up in the local /etc/hosts file.
</P>
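<P>The re-resolution check that <TT>nospoof</TT> and <TT>alert</TT> describe can be sketched as follows. This is an added example, not code from the book or from the resolver library; the function names, the constructed PTR and A records, and the alert message text are assumptions made for illustration.</P>

```python
import socket

# The page's sample /etc/host.conf, abridged to the options used here.
SAMPLE_CONF = """\
order bind hosts
nospoof on   # check for IP address spoofing
alert on     # and warn us if someone attempts to spoof
"""
# Constructed records: two addresses whose PTR data both name the same host.
PTR = {"192.0.2.10": "gateway.tristar.com", "198.51.100.7": "gateway.tristar.com"}
A = {"gateway.tristar.com": ["192.0.2.10"]}

def parse_host_conf(text):
    """One option per line, fields split on spaces or tabs, '#' starts a comment."""
    opts = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            opts[fields[0]] = fields[1:]
    return opts

def system_ptr(addr):        # live reverse lookup, used when no table is passed in
    return socket.gethostbyaddr(addr)[0]

def system_addrs(name):      # live forward lookup
    return socket.gethostbyname_ex(name)[2]

def checked_reverse(addr, opts, ptr=system_ptr, fwd=system_addrs, log=print):
    """Return the name for addr, or None when the nospoof re-resolution fails."""
    name = ptr(addr)
    if opts.get("nospoof") != ["on"]:
        return name          # no check: the PTR answer is taken at face value
    try:
        confirmed = addr in fwd(name)
    except OSError:          # forward lookup failed, so nothing confirms the name
        confirmed = False
    if not confirmed and opts.get("alert") == ["on"]:
        log(f"spoof check failed: {addr} claims to be {name}")
    return name if confirmed else None

def demo():
    opts, alerts = parse_host_conf(SAMPLE_CONF), []
    args = dict(ptr=PTR.__getitem__, fwd=lambda n: A.get(n, []), log=alerts.append)
    return [checked_reverse(ip, opts, **args) for ip in PTR], alerts

if __name__ == "__main__":
    print(demo())
```

<P>With the constructed tables, the first address is confirmed by the forward lookup and the second is rejected and logged, because the name in its PTR record does not resolve back to it.</P>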
<H4 ALIGN="LEFT"><A NAME="Heading5"></A><FONT COLOR="#000077">The /etc/resolv.conf File</FONT></H4>
<P>Now that you’ve configured the basic behavior of the resolver library, you need to set up some information for the DNS portion of the resolver. You need to do this only if you’re using DNS for host name resolution—that is, by specifying <TT>bind</TT> in the <TT>order</TT> statement of the /etc/host.conf file. But then you wouldn’t be reading this chapter if you weren’t going to use DNS, would you?</P>
<P>The /etc/resolv.conf file controls the way the resolver uses DNS to resolve host names. It specifies the DNS name servers to contact when resolving a host name and in what order to contact them. It also provides the local domain name and some clues as to how to guess at the domain name of hosts that are specified without a domain name.</P>
<P>Table 25.3 lists the valid options for the /etc/resolv.conf file.</P>
<TABLE WIDTH="100%"><CAPTION ALIGN=LEFT><B>Table 25.3</B> Configuration Options for the /etc/resolv.conf File</CAPTION>
<TR>
<TH COLSPAN="2"><HR>
<TR>
<TH WIDTH="25%" ALIGN="LEFT">Option
<TH WIDTH="75%" ALIGN="LEFT">Description
<TR>
<TD COLSPAN="2"><HR>
<TR>
<TD VALIGN="TOP"><TT>domain</TT>
<TD>Specifies the local domain name of this host. If it’s not given, the resolver tries to get the local domain name from the <TT>getdomainname()</TT> system call.
<TR>
<TD VALIGN="TOP"><TT>nameserver</TT>
<TD>Specifies the IP address of a DNS name server to contact for name resolution. You can list up to three name servers by using the <TT>nameserver</TT> option multiple times. The name servers are tried in the order listed. You should put your most reliable name server first so that queries don’t time out on a server that’s likely to be down.
<TR>
<TD VALIGN="TOP"><TT>search</TT>
<TD>Lists domains to try if no domain name is specified as part of a query host name. If no search option is given, the list of domains is created by using the local domain plus each parent domain of the local domain.
<TR>
<TD COLSPAN="2"><HR>
</TABLE>
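<P>The rules in Table 25.3 decide which servers see a query and which domains an unqualified name is tried in, so it is worth checking what a given file actually yields. The following is an added example, not code from the book or the resolver library; the sample file, the function names, and the choice to stop the default search list at two-label parents are assumptions.</P>

```python
import ipaddress

MAXNS = 3  # the table above: up to three nameserver lines are used

# Constructed sample; addresses are documentation ranges, not real servers.
SAMPLE = """\
# /etc/resolv.conf
domain eng.tristar.com
nameserver 192.0.2.53
nameserver 192.0.2.54
nameserver 198.51.100.53
nameserver 203.0.113.53
"""

def default_search(domain):
    """Local domain plus each parent domain, most specific first."""
    labels = domain.rstrip(".").split(".")
    # Assumption: stop at two-label parents so a bare top-level domain is never tried.
    return [".".join(labels[i:]) for i in range(max(len(labels) - 1, 1))]

def parse_resolv_conf(text):
    conf = {"domain": None, "nameservers": [], "ignored": [], "search": None}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        key, args = fields[0], fields[1:]
        if key == "nameserver":
            ipaddress.ip_address(args[0])      # ValueError if not an IP address
            used = len(conf["nameservers"]) < MAXNS
            conf["nameservers" if used else "ignored"].append(args[0])
        elif key == "domain":
            conf["domain"] = args[0]
        elif key == "search":
            conf["search"] = args
    if conf["search"] is None:
        conf["search"] = default_search(conf["domain"]) if conf["domain"] else []
    return conf

def candidates(name, conf):
    """Fully qualified names tried, in order, for a query with no domain part."""
    if "." in name:                            # simplification: already has a domain
        return [name]
    return [f"{name}.{d}" for d in conf["search"]]
```

<P>For the constructed sample, the fourth <TT>nameserver</TT> line lands in <TT>ignored</TT>, and a query for <TT>mailhost</TT> is tried first in eng.tristar.com and then in tristar.com.</P>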
<P><BR></P>
</td>
</tr>
</table>
<!-- begin footer information -->
</body></html>