Name Services

Chapter Goals
Understand Local vs. global name services. Understand basic use of NIS. Understand how DNS works. Understand DNS configuration files. Understand how to make multiple name services work together.

Network Configuration
Review
In order to install a network connection on a UNI! bo"# $ou have to do the following%
Set up the nameservice files:

&etc&nsswitch.conf ' set the hosts entr$ to use the appropriate name service (this step to be discussed later) ' If $ou are using NIS# $ou have to set up files in &var&$p. &etc&resolv.conf
nameserver 129.74.70.77 domain cselab.nd.edu search cselab.nd.edu cse.nd.edu helios.nd.edu cc.nd.edu nd.edu

Name Service
*here are several name services available.
+or UNI!# the most common are% Network nformation Services !N S"!N S#" $etc$hosts file !static mappin%s" Network nformation Service !&ederated Name Services ' &NS" (omain Name Service !(NS" +or ,IND-,S# the most common are% lmhosts file )ins (NS

Name Services
*he Network Information Service (N S) (and it.s successor N S#) are local information servers.
NIS&NIS/ provides hostname to I0 address lookups# password lookups# and other local information lookups. NIS&NIS/ are not global services. It does not make sense to make some of the NIS services global (passwords# email aliases# ...). 1ust run DNS for Internet name lookups.

Name Services
NIS&NIS/ Strong 0oints% 2entrali3ed 4dministration (all local information in one database). Several versions of Uni" include NIS&NIS/
Integral part of Solaris.

5as$ to understand file formats 2onfigurable

NIS Shortcomings%

*he database does not scale well. NIS re6uires&facilitates centrali3ed administration. NIS&NIS/ are not available on all platforms. NIS&NIS/ open the site up to securit$ problems. 6

Name Services
NIS allows the site to split the namespace into organi3ational unit service 7domains8 NIS allows for multiple servers
1aster server authoratative for a domain Slave server a backup server for a domain 5ach sub9domain ma$ have master and slave servers which are authoritative for their own sub9domains.
7

N"S Summar#
NIS is a L-24L name service.
:ou must still run DNS to be on the Internet;
4lternate% :ou can have $our IS0 run DNS for $ou.

NIS is not secure (No Information Securit$)

Name Services
(NS is a distributed database which holds information about hosts * addresses+ mail routin% information+ and hostnames.
(NS is t,picall, implemented via the -erkele, nternet Name (omain s,stem !bind". -ther name service packages are available% 2isco Network Registrar is one e"ample. (NS uses a hierarchical tree of name servers to minimi.e impact on an, one nameserver.

4t the top of the hierarch$ is the root domain. *he root domain has no name server.
1$

Name Services
DNS specifications set aside certain top9level domain names.
*hese domains reside under the root domain. 5ach of these top level domains has one (or more) master name servers.
/nfortunatel,+ these are referred to as the root name servers.

*hese top9level domains are different in the US than in other countries.

11

Name Services
n the /S+ the top level domains are:

.com ' commercial companies .edu ' educational institutions .%ov ' %overnment a%encies .mil ' militar, a%encies .net ' network providers .or% ' non'profit or%ani.ations .int ' international or%ani.ations .arpa ' a dead elephant !historical"
0ach of these domains has !at least" one authoritative name server.
12

Name Services
In other countries# the IS- countr$ codes are used as top level domain names%
au 9 4ustralia ca 9 2anada dk Denmark et 9 5thiopia fi 9 +inland fr 9 +rance <p 9 =apan se 9 Sweden hk 9 >ong ?ong ch 9 Swit3erland

13

Name Services
,ithin each top9level domain there are several second level domains. 5ach second level domain can have an authoritative name server. nd.edu is a second level domain. bind.cc.nd.edu is the name server for the nd.edu domain.

14

Name Services
Under each second level domain $ou might find man$ subdomains.
cse.nd.edu# math.nd.edu# lsc.nd.edu and cselab.nd.edu are all subdomains of nd.edu. *hese domains ma$ or ma$ not have their own nameservers.

If not# the$ rel$ upon the second level server for address resolution. If so# the$ generall$ rel$ upon the higher level name servers for information on hosts outside of the subdomain. music.cselab.nd.edu (@AB.CD.CE.CC) ma$ be a lab nameserver. *he cselab domain is a Frd level domain.
' 1usic refers re6uests to bind.nd.edu for hosts outside of the lab domain.

15

16

Name Services
*here are three components to the name service s$stem%
4 daemon (named) that answers 6ueries Librar$ routines that programs call in order to contact the server when the$ need to resolve hostnames&addresses. 2ommand line interfaces to the DNS database (nslookup+ di%+ host)

Named is the process that answers 6ueries about hostnames and I0 addresses.
If named knows the answer# it replies. If not# it 6ueries a nameserver at a higher level to get the information re6uired named is also responsible for transferring the database from high level servers to the lower level servers (.one transfers).

17

Name Services
Named operates in one of three modes% master 9 one per domain 9 keeps the master cop$ of the DNS database for this domain. slave 9 copies it.s data from the primar$ server via a 3one transfer. 1ultiple secondar$ servers allowed within a domain. caching 9 loads a few important addresses into it.s database# and gathers information on other hosts through normal operation.

Name Services
Nameservers come in two flavors% recursive nameservers 9 stick with a 6uer$ until the$ get a resolution for the client machine. *he cache management becomes ver$ resource intensive. non9recursive 9 are la3$. If the$ don.t know the answer# the$ return a 7go ask him8 response to the client. *heir cache of information is not ver$ resource intensive.

Low level servers are usuall$ recursive# while higher level servers are usuall$ non9recursive.

1!

2$

Name Services
S1231
4 user on a s$stem called darwin.cc.nd.edu wants to finger a user on a s$stem called fo$t.central.sun.com Darwin looks in the $etc$hosts file to see if it knows who fo$t.central.sun.com is and how to get there.

If we find an entr$ in the hosts file# skip to host' resolved.

If darwin does not find fo$t.central.sun.com in it.s hosts file# it checks &etc&resolv.conf# finds the name of it.s nameserver. Darwin creates a DNS 6uer$ packet# and sends it to the nameserver. *he nameserver receives the DNS 6uer$ packet and e"amines it% 45i+ 6m darwin+ live at 129.74.270.114+ m, 829 address is 0::00:20:00:4e:;f. )ho is fo,t.central.sun.com and how do %et there<=

21

Name Services
*he nameserver (bind.cc.nd.edu) looks in its database to see if it knows who fo$t.central.sun.com is and how to get there.

If the nameserver has an entr$ for the fo$t.central.sun.com machine skip to (NS'resolved.
If the nameserver does not have an address for the fo$t machine# it sends out a DNS re6uest to it.s master nameserver (.edu) sa$ing 7>i# I.m bind.cc.nd.edu# I live at @AB.CD.AGE.@EE# m$ 142 address is EH%EE%AE%ff%ee%dd. ,ho is fo$t.central.sun.com and how do I get thereI8

*his starts an iterative process of nameservice lookups...

22

Name Services
1he master .edu nameserver is la., !non'recursive". t tells bind to %o ask the nameserver for .com. 1he repl, packet tells bind the address of a .com name server. 1he master .com nameserver is la., !non'recursive". t tells bind to %o ask the nameserver at Sun.com. 1he repl, packet dives bind the address of the Sun.com name server. -ind >ueries the Sun.com nameserver. f Sun.com is recursive+ it will %o ask 9entral.sun.com. f Sun.com is non'recursive+ it will tell bind to ask central.sun.com. f no nameserver knows who fo,t.central.sun.com is+ then the user %ets the alwa,s helpful 4host unknown= messa%e on their console. Skip to (?N0.

23

Name Services
If a nameserver finds the fo$t.central.sun.com machine in it.s database# then it will repl$ back through the chain that 7fo$t.central.sun.com is at @AF.DG.JC.HB8. Some of the name server(s) which are contacted add bind.cc.nd.edu# and fo$t.central.sun.com to their named cache.

24

Name Services
(NS'resolved
Kind.cc.nd.edu adds fo$t to it.s named cache# and forwards the information about fo$t.central.sun.com (from the master nameserver) on to darwin. Darwin receives the address information from bind# and thanks bind. Darwin adds the bind.cc.nd.edu information to it.s named cache. @? 1? 23*

25

Name Services
host'resolved
Darwin looks to see if it has the hardware address of fo$t. f not# @? 1? 23* 23* (arwin sends a hardware broadcast packet that sa,s:
' 5i+ 6m (arwin+ m, * address is 129.74.270.114+ m, 829 address is 0::00:20:00:4e:;f. )ho is &o,t+ and what is his 829 address< ' f &o,t is on the same network+ it replies with it6s 829 address. ' ?therwise the router replies with it6s 829 address.

26

Name Services
Darwin sends an I0 packet to fo$t.central.sun.com at I0 address @AF.DG.JC.HB sa$ing 7>i# I.m darwin.cc.nd.edu# I live at @AB.CD.AGE.@@D and m$ 142 address is EH%EE%AE%EE%De%Ff. I.d like to contact $our finger server (port CB) with the information contained in the data segment of this packet8 +o$t.central.sun.com receives the packet# decodes the protocol information and determines that it is for the $usr$etc$in.fin%erd program. +o$t forwards the packet to it.s finger daemon on port CB. +o$t adds the darwin machine to it.s named cache.

27

Name Services
*he finger server on fo$t looks up the information re6uested b$ the user on Darwin# and sends a packet out on the net sa$ing 7>i there darwin.cc.nd.edu# I am fo$t.central.sun.com. I live at @AF.DG.JC.HB# m$ 142 address is @@%AA%FF%DD%GG%JJ# here is the information $ou re6uested. Darwin receives the information from fo$t# thanks the fo$t machine# and sends the data to the user.s terminal. Darwin adds the +o$t machine to it.s named cache.

(?N0
*he user finds out their friend wasn.t logged in# goes home and drinks beer (or whatever users do when not logged in to a s$stem).

Name Services
Now it is time to look at the contents of the (NS database!s"+ and see what information is there+ what it does+ and how it is used. 9lient'side database files
1he $etc$resolv.conf file is the simplest (NS database file.
1his file contains the * address!es" of the nameserver!s"+ a search list+ and the domain information for this host. 2ll hosts in the domain need a cop, of the $etc$resolv.conf file so their name$address resolver knows where to %o for information.

2!

Name Service
% cat &etc&resolv'conf
(omain cse'n('e(u ) search cse an( n( search cse'n('e(u' n('e(u' nameserver 12!'74'25$'1$$ nameserver 12!'74'37'173 nameserver 12!'74'4'1

3$

Name Services
,hile the resolver onl$ re6uires one file# the name server (named) re6uires several configuration files.
named.conf 9 Sets general named parameters and points to locations (disk files or other servers) which we obtain our information from. root.hint 9 0oints to the root domain servers. localhost.3one 9 Used to resolve the loopback addresses. d.3onename 9 *he 3one file that maps names to I0 addresses. d.reverse9ip 9 the 3one file for reverse domain lookups (I0 address to hostname).

,e.ll start b$ looking at some of the ke$words allowed in the named.conf file.

31

Name Services
named.conf 9 allows several ke$words%

director, 9 Director$ for all subse6uent file references. primar, 9 Declares this server as primar$ for this 3one. secondar, 9 Declares this server as secondar$ in 3one. cache 9 0oints to the cache file. forwarders 9 Lists servers to which we send re6uests. slave 9 +orces the server to forward all re6uests. A 9 2omment (note# that B works# but is not correct;) !data" 9 4llow data to span lines C 9 *he current domain name D 9 ,ildcard (name field onl$) 9 dangerous;

32

Name Services
B cat $etc$named.conf
options E
version FSurel, ,ou must be Gokin%HFA listen'on E 129.74.70.77A IA director, F.FA statistics'file Fnamed.statsFA dump'file FnamedJdump.dbFA $$ J*215J(/8*& K0 pid'file Fnamed.pidFA $$ J*215J* (& K0 notif, ,esA auth'nLdomain ,esA interface'interval M0A $$ scan for new or deleted interfaces allow'transfer E 129.74.270.100A 129.74.4.1:A 129.74.27.9:A IA forwarders E 129.74.270.100A IA

IA

33

Name Services
logging L categor$ default L defaultMs$slogN defaultMdebugN O N channel goobers L file P&var&log&named.logP versions G si3e FAmN O N categor$ 6ueries L goobersN ON categor$ lame9servers L nullN ON ON 3one P.P L t$pe hintN file Proot.hintPN

ON

34

Name Services
.one Fcselab.nd.eduF E
t,pe masterA file Fd.cselab.nd.eduFA allow'update E noneA IA allow'transfer E 129.74.270.100A 12:.74.4.1:A 129.74.27.9:A IA allow'>uer, E 129.74.0.0$1MA IA

IA .one F70.74.129.in'addr.arpaF N E
t,pe masterA file Fd.70.74.129.in'addr.arpaFA allow'transfer E 129.74.270.100A 12:.74.4.1:A 129.74.27.9:A IA allow'update E noneA IA allow'>uer, E 129.74.0.0$1MA IA

IA

35

Name Services
.one Fnd.eduF E
t,pe slaveA file Fnd.edu..oneFA masters E 129.74.270.100A 129.74.4.1:A IA forwarders E 129.74.270.100A 129.74.4.1:A IA allow'>uer, E 129.74.0.0$1MA IA

IA .one F74.129.in'addr.arpaF N E
t,pe slaveA file Fd.74.129.in'addr.arpaFA masters E 129.74.270.100A 129.74.4.1:A IA forwarders E 129.74.270.100A IA allow'>uer, E 129.74.0.0$1MA IA

IA

36

Name Services
.one FlocalhostF N E
t,pe masterA file Flocalhost..oneFA allow'update E noneA IA

IA .one F0.0.127.in'addr.arpaF N E
t,pe masterA file F127.0.0..oneFA allow'update E noneA IA

IA

37

Name Services
*he named.conf file defines the 3ones and files to use. *he files referenced in the named.conf file contain resource records that govern the information provided b$ the name service.

Name Services
*he format of a DNS resource record is% QnameR QttlR QclassR type data

name 9 is the name of the domain ob<ect this record refers to. *his can be a hostname# or an entire domain. Name is relative to the current domain unless it ends in a 7.8 (dot). If the name is blank# this record applies to the domain ob<ect from the last name command. ttl 9 *ime9to9live defines the length of time (in seconds) that the resource record should be kept in cache. Usuall$ blank so the default (in an S-4 record) is used. class 9 defines this to be an Internet DNS record. -ther record t$pes are possible but not used b$ DNS.

3!

Name Services
t$pe 9 identifies what t$pe of record this is% S?2 9 Start -f 4uthorit$ 9 1arks the beginning of a 3one.s data and defines global (3one) parameters. NS 9 Name Server 9 Identifies a domain.s name server. 2 9 4ddress 9 2onverts a hostname to an I0 address. *13 9 0ointer 9 2onverts an I0 address to a hostname. 8N 9 1ail e!change 9 Identifies where to deliver mail for a given domain name. 9N280 9 2anonical Name 9 Defines an alias host name. 5 N&? 9 >ost Information 9 Describes host hardware&-S. )OS 9 ,ell ?nown Services 9 advertises network services. 3* 9 Responsible 0erson 9 who is in charge of this server. data 9 the data specific to this record (I0 address for a host).

4$

Name Services
*he database files are
root.hint used to locate the root name servers. d.3onename used to define the forward lookup records for the 3one. d9reverse9ip used to define the reverse lookup records for the 3one.

41

Root.hint Data file for initial cache data for root domain servers.
G.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. .ROOT-SERVERS.NET. !.ROOT-SERVERS.NET. ".ROOT-SERVERS.NET. #.ROOT-SERVERS.NET. $.ROOT-SERVERS.NET. %.ROOT-SERVERS.NET. &.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. E.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. '.ROOT-SERVERS.NET. ()6d*6h IN # *+,.**,.-6.. ()6d*6h IN # *+/..*.0.*0 ()6d*6h IN # *+-.0.*..*,+ ()6d*6h IN # *+/.-,.6..*, ()6d*6h IN # ,0,.*,.,1.-()6d*6h IN # *+/..*.0.. ()6d*6h IN # *,/.6-.,.(()6d*6h IN # *,/.+.0.*01 ()6d*6h IN # *+,.--...*, ()6d*6h IN # *,/./.*0.+0 ()6d*6h IN # *+,.,0-.,-0.*0 ()6d*6h IN # *+,.-6.*./.*1 ()6d*6h IN # *+,.(.(.,.*

. 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS . 6D IN NS G.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. .ROOT-SERVERS.NET. !.ROOT-SERVERS.NET. ".ROOT-SERVERS.NET. #.ROOT-SERVERS.NET. $.ROOT-SERVERS.NET. %.ROOT-SERVERS.NET. &.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. E.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. '.ROOT-SERVERS.NET.

42

Name Services
Localhost 3one files 2 cat localhost.3one ; 'or)ard loo456 for *,1.0.0. 3one
7ORIGIN localhost. 8 *D IN SO# ., -$ *(" *< *D : *D IN NS *D IN # 8 root 9 ; serial 9d. adams: ; refresh ; retr; ; e=6ir; ; minim5m

8 *,1.0.0.*

43

Name Services
Localhost 3one files 2 cat *,1.0.0.3one ; Reverse information file for *,1.0.0 3one
7ORIGIN 0.0.*,1.in-addr.ar6a. 8 *D IN SO# localhost. root.localhost. 9 ., ; serial 9d. adams: -$ ; refresh *(" ; retr; *< ; e=6ir; *D : ; minim5m *D IN NS localhost. * *D IN >TR localhost.

44

S more d.cselab.nd.edu 7ORIGIN nd.ed5. ; !a? Start of #5thorit; Record csela? /6.00 IN SO# m5sic.csela?.nd.ed5. root.m5sic.csela?.nd.ed5. 9 ,6* /6.00 ,*600 60./00 /6.00 : /6.00 IN NS m5sic.csela?.nd.ed5. m5sic.csela? /6.00 IN # *,+.1..10.11 ; No) define the la? hosts 7ORIGIN csela?.nd.ed5. localhost /6.00 IN # *,1.0.0.* lo@host /6.00 IN # *,1.0.0.* st5-@) /6.00 IN # *,+.1...6.-/6.00 IN $IN'O A&isco .(00A AIOSA st5-s)itch /6.00 IN # *,+.1...6.-. /6.00 IN $IN'O A&isco .(00A AIOSA dil?ert /6.00 IN # *,+.1...6.-( /6.00 IN $IN'O AGeneric >&A A!in5=B%SDA

45

S cat d.CE.CD.@AB.in9addr.arpa 7ORIGIN 1..*,+.in-addr.ar6a. 10 /6.00 IN SO# ?ind.nd.ed5. root.m5sic.csela?.nd.ed5. 9 ,.* /6.00 ,*600 60./00 /6.00 : /6.00 IN NS ?ind.nd.ed5. 7ORIGIN 10.1..*,+.in-addr.ar6a. 66 /6.00 IN >TR csela?-@).csela?.nd.ed5. 61 /6.00 IN >TR noise.csela?.nd.ed5. 6+ /6.00 IN >TR aca6ella.csela?.nd.ed5. 10 /6.00 IN >TR latin.csela?.nd.ed5. 1* /6.00 IN >TR s)in@.csela?.nd.ed5. 1, /6.00 IN >TR s6irit5al.csela?.nd.ed5. 1/6.00 IN >TR march.csela?.nd.ed5. 1. /6.00 IN >TR co5ntr;.csela?.nd.ed5. 1( /6.00 IN >TR salsa.csela?.nd.ed5. 16 /6.00 IN >TR ?l5es.csela?.nd.ed5. 11 /6.00 IN >TR m5sic.csela?.nd.ed5. 1/ /6.00 IN >TR 6o6.csela?.nd.ed5.

46

Name Services
-nce all of the databases are set up $ou need to start the named daemon. *he startup is usuall$ handled b$ the &etc&rcT files. *o manuall$ start the named process# login as root# and t$pe% S &path&to&named 4fter named is started# it is a good idea to 6uer$ the DNS database to see how things look. *here are two common commands used to 6uer$ the database% nslookup# and di%.

47

Name Services
Uuer$ the database
nslookup is a standard part of KIND. It allows $ou to 6uer$ the KIND database files to determine information about a host. nslookup allows interactive# or command line 6ueries. In the simple form# the s$nta" is nslookup hostname %rump,P nslookup wi.ard Server: bind.nd.edu 2ddress: 129.74.270.100 Name: wi.ard.cse.nd.edu 2ddress: 129.74.27.101 4

Name Services
@r5m6;C nsloo456 cse.nd.ed5 ServerD ?ind.nd.ed5 #ddressD *,+.1..,(0.*00 NameD cse.nd.ed5 #ddressD *,+.1..*/.,
grump#* nslookup +efault Server, -in('n('e(u .((ress, 12!'74'25$'1$$ / set t#pe012 / cse'n('e(u Server, -in('n('e(u .((ress, 12!'74'25$'1$$ cse'n('e(u preference 0 13 mail e4changer 0 mail'cse'n('e(u cse'n('e(u nameserver 0 -in('n('e(u cse'n('e(u nameserver 0 iugate'ucs'in(iana'e(u cse'n('e(u nameserver 0 o(in'cc'n('e(u cse'n('e(u nameserver 0 thor'cc'n('e(u mail'cse'n('e(u internet a((ress 0 12!'74'25'1$1 mail'cse'n('e(u internet a((ress 0 12!'74'1 '4 -in('n('e(u internet a((ress 0 12!'74'25$'1$$ iugate'ucs'in(iana'e(u internet a((ress 0 12!'7!'1'! o(in'cc'n('e(uinternet a((ress 0 12!'74'4'1 thor'cc'n('e(u internet a((ress 0 12!'74'37'173

@r5m6;C nsloo456 )i3ard ServerD ?ind.nd.ed5 #ddressD *,+.1..,(0.*00 NameD )i3ard.cse.nd.ed5 #ddressD *,+.1..,(.*0*

4!

Name Services
EF &ommandsD 9identifiers are sho)n in 566ercaseG HI means o6tional: N#"E - 6rint info a?o5t the hostBdomain N#"E 5sin@ defa5lt server N#"E* N#"E, - as a?oveG ?5t 5se N#"E, as server hel6 or F - 6rint info on common commands; see nsloo4569*: for details set O>TION - set an o6tion all - 6rint o6tionsG c5rrent server and host HnoIde?5@ - 6rint de?5@@in@ information HnoId, - 6rint e=ha5stive de?5@@in@ information HnoIdefname - a66end domain name to each J5er; HnoIrec5rse - as4 for rec5rsive ans)er to J5er; HnoIvc - al)a;s 5se a virt5al circ5it domainKN#"E - set defa5lt domain name to N#"E srchlistKN*HBN,B...BN6I - set domain to N* and search list to N*GN,G etc. rootKN#"E - set root server to N#"E retr;KL - set n5m?er of retries to L timeo5tKL - set initial time-o5t interval to L seconds J5er;t;6eKL - set J5er; t;6eG e.@.G #G#NMG&N#"EG$IN'OG"LG>LGNSG>TRGSO#GTLTG< S t;6eKL - s;non;m for J5er;t;6e classKL - set J5er; class to one of IN 9Internet:G &$#OSG $ESIOD or #NM

5$

Name Services
server N#"E - set defa5lt server to N#"EG 5sin@ c5rrent defa5lt server lserver N#"E - set defa5lt server to N#"EG 5sin@ initial server fin@er HNSERI - fin@er the o6tional NSER at the c5rrent defa5lt host root - set c5rrent defa5lt server to the root ls Ho6tI DO"#IN HE 'I!EI - list addresses in DO"#IN 9o6tionalD o5t65t to 'I!E: -a - list canonical names and aliases -h - list $IN'O 9&>N t;6e and o6eratin@ s;stem: -s - list )ell-4no)n services -d - list all records -t TM>E - list records of the @iven t;6e 9e.@.G #G&N#"EG"LG etc.: vie) 'I!E - sort an OlsO o5t65t file and vie) it )ith more e=it - e=it the 6ro@ramG PD also e=its

51

Name Services
Uuer$ing the DNS database
,e have di% online (in the lab)# in &usr&site&bin&dig. *he user interface for dig is nicer than the nslookup command. dig is generall$ easier to use than nslookup. Nslookup will go awa$ soon# replaced b$ dig

52

Network Configuration
2ommon problem%
:ou can ping&telnet&... a host b$ address# but not b$ hostname.

*his tells $ou that some things are right# and something is wrong% 3i%ht: *he network card is operable# and the wiring is all correct. )ron%: *he name service software is not properl$ configured. ' K$ using the I0 address of the remote host# $ou b$pass the name service. ' ,hen $ou use the hostname of the remote host# the name service software needs to resolve the I0 address. *his step is failing... 53

Name Services
It is possible# and even common to use multiple name services concurrentl$.
*his configuration is controlled via the nsswitch.conf file.

54

2 cat BetcBnss)itch.conf
6ass)dD files @ro56D files hostsD files dns i6nodesD files net)or4sD files 6rotocolsD files r6cD files ethersD files netmas4sD files ?oot6aramsD files 65?lic4e;D files net@ro56D files a5tomo5ntD files aliasesD files servicesD files sendmailvarsD files 6rintersD 5ser files a5thQattrD files 6rofQattrD files 6roRectD files

55

Summar#
Name Services are an essential component of the network. Local name services provide the capabilit$ of distributing several t$pes of information.
1an$ of these pieces of information should not be distributed globall$.

Vlobal name services (DNS) are re6uired for sites on the Internet. 1anagement and securit$ of DNS is a time consuming task.
56