109.4. Configure client side DNS

Weight: 2
Description: Candidates should be able to configure DNS on a client host.
Key Knowledge Areas:
Query remote DNS servers
Configure local name resolution and use remote DNS servers
Modify the order in which name resolution is done
Terms and Utilities:
/etc/hosts
/etc/resolv.conf
/etc/nsswitch.conf
host
dig
getent
We have seen all of these topics in previous lessons, so in this lesson first  we take a quick look at them and then we will talk about steps of Name Resolution on client side.
DNS
The DNS (Domain Name System) resolves the names of internet sites with their underlying IP addresses .
Query remote DNS servers
dig
Dig (Domain Information Groper) is a powerful command-line tool for querying DNS name servers. It is the most commonly used tool among system administrators for troubleshooting DNS problems because of its flexibility and ease of use.
In its simplest form, when used to query a single host (domain) without any additional options, the dig command is pretty verbose.
1
[email protected]:~# dig lpi.org
2
​
3
; <<>> DiG 9.10.3-P4-Ubuntu <<>> lpi.org
4
;; global options: +cmd
5
;; Got answer:
6
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23520
7
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
8
​
9
;; OPT PSEUDOSECTION:
10
; EDNS: version: 0, flags:; udp: 512
11
;; QUESTION SECTION:
12
;lpi.org.			IN	A
13
​
14
;; ANSWER SECTION:
15
lpi.org.		599	IN	A	65.39.134.165
16
​
17
;; Query time: 501 msec
18
;; SERVER: 8.8.8.8#53(8.8.8.8)
19
;; WHEN: Sat Feb 29 17:16:01 +0330 2020
20
;; MSG SIZE  rcvd: 52
Copied!
don't forget, by default, dig sends the DNS query to name servers listed in the resolver(/etc/resolv.conf), how ever, we can query different DNS server usnig @.
host
the host command is a DNS lookup utility, finding the IP address of a domain name. It also performs reverse lookups, finding the domain name associated with an IP address.
1
[email protected]:~# host yahoo.com
2
yahoo.com has address 72.30.35.10
3
yahoo.com has address 98.137.246.7
4
yahoo.com has address 98.138.219.231
5
yahoo.com has address 98.138.219.232
6
yahoo.com has address 98.137.246.8
7
yahoo.com has address 72.30.35.9
8
yahoo.com has IPv6 address 2001:4998:c:1023::4
9
yahoo.com has IPv6 address 2001:4998:58:1836::10
10
yahoo.com has IPv6 address 2001:4998:44:41d::4
11
yahoo.com has IPv6 address 2001:4998:58:1836::11
12
yahoo.com has IPv6 address 2001:4998:44:41d::3
13
yahoo.com has IPv6 address 2001:4998:c:1023::5
14
yahoo.com mail is handled by 1 mta6.am0.yahoodns.net.
15
yahoo.com mail is handled by 1 mta7.am0.yahoodns.net.
16
yahoo.com mail is handled by 1 mta5.am0.yahoodns.net.
Copied!
 And vica-versa To find out the hostname of the host with the IP address:
1
[email protected]:~# host 72.30.35.10
2
10.35.30.72.in-addr.arpa domain name pointer media-router-fp2.prod1.media.vip.bf1.yahoo.com.
Copied!
If no arguments or options are given, host prints a short summary of its command line arguments and options:
Client Name Resolution 
When client  wants to access any other computers in the  network, first it needs to know about target  ip address. There are different places inside os which keeps information, lets review them togther :
/etc/host
If we  don’t want to use a DNS server for name resolution, we  can use the /etc/hosts file for the purpose of name resolution. This is a simple text file that contains IP addresses to hostnames mappings. Each line consists of an IP address, followed by one or more hostnames(ubuntu16):
1
[email protected]:~# cat /etc/hosts
2
127.0.0.1	localhost
3
127.0.1.1	ybyntu16-1
4
​
5
# The following lines are desirable for IPv6 capable hosts
6
::1     ip6-localhost ip6-loopback
7
fe00::0 ip6-localnet
8
ff00::0 ip6-mcastprefix
9
ff02::1 ip6-allnodes
10
ff02::2 ip6-allrouters
Copied!
you can see the typical default content of the hosts file that contains entries for the loopback addresses. To set up our own mappings, add the entries in the form of IP_ADDRESS HOSTNAME :
1
[email protected]:~# ping thisismyexample.com
2
ping: unknown host thisismyexample.com
3
​
4
[email protected]:~# vim /etc/hosts
5
[email protected]:~# 
6
[email protected]:~# cat /etc/hosts
7
127.0.0.1	localhost
8
127.0.1.1	ybyntu16-1
9
​
10
# The following lines are desirable for IPv6 capable hosts
11
::1     ip6-localhost ip6-loopback
12
fe00::0 ip6-localnet
13
ff00::0 ip6-mcastprefix
14
ff02::1 ip6-allnodes
15
ff02::2 ip6-allrouters
16
​
17
# this is my example:
18
172.217.164.238 thisismyexample
Copied!
The line 172.217.164.238 thisismyexample.com  will map the IP address of 172.217.164.238 to the thisismyexample.com hostname . We can now use the thisismyexample hostname to communicate with the remote machine:
1
[email protected]:~# ping thisismyexample -c3
2
PING thisismyexample (172.217.164.238) 56(84) bytes of data.
3
64 bytes from thisismyexample (172.217.164.238): icmp_seq=1 ttl=63 time=281 ms
4
64 bytes from thisismyexample (172.217.164.238): icmp_seq=2 ttl=63 time=324 ms
5
64 bytes from thisismyexample (172.217.164.238): icmp_seq=3 ttl=63 time=262 ms
6
​
7
--- thisismyexample ping statistics ---
8
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
9
rtt min/avg/max/mdev = 262.673/289.474/324.462/25.881 ms

Copied!
/etc/resolv.conf
/etc/resolv.conf contain information about current system DNS  server. Altough we can manually modify it  but don't forget our settings would not be permanent in last until next reboot. 
1
[email protected]:~# cat /etc/resolv.conf 
2
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
3
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
4
nameserver 8.8.8.8
5
nameserver 4.2.2.4
6
search mydomain.local
Copied!
/etc/nsswitch
The /etc/nsswitch.conf file defines the order in which to contact different name services. For Internet use, it is important that dns shows up in the "hosts" line:
1
[email protected]:~# cat /etc/nsswitch.conf | grep hosts
2
hosts:          files mdns4_minimal [NOTFOUND=return] dns
Copied!
The hosts  line specifies the order in which various name resolution services will be tried. The default is to:
files reads /etc/hosts
mdns4_minimal resolves IPv4 addresses with multicast DNS ONLY if the requested hostname ends with .local.
[NOTFOUND=return] stops the resolving process if that .local hostname was not found
dns probably does DNS resolution
you can change the the order of name resolution here.
getent
As we said  getent is a Linux command that helps the user to get the entries in a number of important text files called databases. This includes the passwd and the group of databases which stores the user information. The fact is that The getent command displays entries from databases supported by the Name Service Switch libraries, which are configured in /etc/nsswitch.conf. 
1
[email protected]:~# getent hosts thisismyexample
2
172.217.164.238 thisismyexample
Copied!
.
.
.
​https://www.networkworld.com/article/3268449/what-is-dns-and-how-does-it-work.html​
​https://computer.howstuffworks.com/dns3.htm​
​https://linuxize.com/post/how-to-use-dig-command-to-query-dns-in-linux/​
​https://www.computerhope.com/unix/host.htm​
​https://www.geeksforgeeks.org/host-command-in-linux-with-examples/​
​https://geek-university.com/linux/etc-hosts-file/​
​https://www.shellhacks.com/setup-dns-resolution-resolvconf-example/​https://www.linuxtopia.org/online_books/introduction_to_linux/linux__etc_nsswitch.conf.html​https://www.reddit.com/r/linuxquestions/comments/co02ui/hosts_and_mdns_configuration_in_etcnsswitchconf/​
​https://ubuntuforums.org/showthread.php?t=971693​
​https://www.geeksforgeeks.org/getent-command-in-linux-with-examples/​
​https://linux.die.net/man/1/getent​
.

109.3. Basic network troubleshooting

110.1. Perform security administration tasks

Last modified 2yr ago

Copy link

Contents