
linux hosts&dns

2016-01-12 10:01
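/etc/hosts: records the IP address that corresponds to each hostname

/etc/resolv.conf: sets the IP addresses of the DNS servers

/etc/host.conf: specifies the order of name resolution (whether to resolve from the local hosts file or from DNS)

/etc/hosts in detail: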

As your machine gets started, it will need to know the mapping of some hostnames to IP addresses before DNS can be referenced. This mapping is kept in the /etc/hosts file. In the absence of a name server, any network program on your system consults this file to determine the IP address that corresponds to a host name.

Following is a sample /etc/hosts file:

IPAddress            Hostname             Alias
127.0.0.1            localhost            deep.openna.com
208.164.186.1        deep.openna.com      deep
208.164.186.2        mail.openna.com      mail
208.164.186.3        web.openna.com       web


The leftmost column is the IP address to be resolved. The next column is that host’s name. Any subsequent columns are aliases for that host. In the second line, for example, the IP address 208.164.186.1 is for the host deep.openna.com. Another name for deep.openna.com is deep.

After you are finished configuring your networking files, don’t forget to restart your network for the changes to take effect.

[root@deep] /# /etc/rc.d/init.d/network restart
Setting network parameters        [  OK  ]
Bringing up interface lo      [  OK  ]
Bringing up interface eth0            [  OK  ]
Bringing up interface eth1            [  OK  ]


/etc/resolv.conf in detail:

When configuring the resolver library to use the BIND name service for host lookups, you also have to tell it which name servers to use. There is a separate file for this, called resolv.conf. If this file does not exist or is empty, the resolver assumes the name server is on your local host.

If you run a name server on your local host, you have to set it up separately, as will be explained in the following section. If you are on a local network and have the opportunity to use an existing name server, this should always be preferred.

The most important option in resolv.conf is nameserver, which gives the IP-address of a name server to use. If you specify several name servers by giving the nameserver option several times, they are tried in the order given. You should therefore put the most reliable server first. Currently, up to three name servers are supported.

If no nameserver option is given, the resolver attempts to connect to the name server on the local host.

Two other options, domain and search, deal with default domains that are tacked onto a hostname if BIND fails to resolve it with the first query. The search option specifies a list of domain names to be tried. The list items are separated by spaces or tabs.

If no search option is given, a default search list is constructed from the local domain name by using the domain name itself, plus all parent domains up to the root. The local domain name may be given using the domain statement; if none is given, the resolver obtains it through the getdomainname(2) system call.

If this sounds confusing to you, consider this sample resolv.conf file for the Virtual Brewery:

# /etc/resolv.conf
# Our domain
domain         vbrew.com
#
# We use vlager as central nameserver:
nameserver     191.72.1.1


When resolving the name vale, the resolver would look up vale, and failing this, vale.vbrew.com, and vale.com.
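The lookup order described above can be reproduced in a few lines. This is an added example, not code from the original article: it parses the sample file, lists the names tried for vale, and reports which of them fall outside the local domain, something an explicit search line avoids. The function names are hypothetical, and the default search list is built the way this page describes it.

```python
# Added example; models only the behaviour described in the text above.
MAX_NAMESERVERS = 3  # "up to three name servers are supported"

# The page's sample file for the Virtual Brewery.
SAMPLE_RESOLV_CONF = """\
# /etc/resolv.conf
# Our domain
domain         vbrew.com
#
# We use vlager as central nameserver:
nameserver     191.72.1.1
"""

def parse_resolv_conf(text):
    """Collect the nameserver, domain and search options."""
    conf = {"nameservers": [], "ignored": [], "domain": None, "search": None}
    for raw in text.splitlines():
        fields = raw.split()
        if len(fields) < 2 or fields[0][0] in "#;":
            continue  # blank line, comment, or option without a value
        key, values = fields[0], fields[1:]
        if key == "nameserver":
            full = len(conf["nameservers"]) >= MAX_NAMESERVERS
            conf["ignored" if full else "nameservers"].append(values[0])
        elif key == "domain":
            conf["domain"] = values[0].rstrip(".")
        elif key == "search":
            conf["search"] = [v.rstrip(".") for v in values]
    return conf

def default_search_list(domain):
    """The domain itself plus each parent domain, e.g. vbrew.com, com."""
    labels = domain.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def candidates(name, conf):
    """Names tried in order: the bare name, then one per search entry."""
    search = conf["search"]
    if search is None:
        search = default_search_list(conf["domain"]) if conf["domain"] else []
    return [name] + [f"{name}.{d}" for d in search]

def outside_local_domain(names, domain):
    """Qualified candidates that are not inside the local domain."""
    return [n for n in names if "." in n and not n.endswith("." + domain)]
```

With the sample file, candidates("vale", conf) ends in vale.com, a name outside vbrew.com; replacing the domain line with "search vbrew.com" removes it from the list.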

/etc/host.conf in detail:

Linux uses a resolver library to obtain the IP address corresponding to a host name. The /etc/host.conf file specifies how names are resolved. The entries in the /etc/host.conf file tell the resolver library what services to use, and in what order, to resolve names. Edit the host.conf file (vi /etc/host.conf) and add the following lines:

# Lookup names via DNS first then fall back to /etc/hosts.
order bind,hosts
# We have machines with multiple IP addresses.
multi on
# Check for IP address spoofing.
nospoof on


The order option indicates the order of services. The sample entry specifies that the resolver library should first consult the name server to resolve a name and then check the /etc/hosts file. It is recommended to set the resolver library to first check the name server (bind) and then the hosts file (hosts) for better performance and security on all your servers. Of course you must have the DNS/BIND software installed or this configuration will not work.

The multi option determines whether a host in the /etc/hosts file can have multiple IP addresses, i.e. multiple interfaces ethN. Hosts that have more than one IP address are said to be multihomed, because the presence of multiple IP addresses implies that the host has several network interfaces. As an example, a Gateway Server will always have multiple IP addresses and must have this option set to ON.
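To see what multi changes for a hosts file like the sample earlier on this page, the following added example (not part of the original article) parses that sample and models a hosts lookup that returns only the first matching address unless multi is on. The function names are hypothetical, and the column-heading line of the sample is left out because it is not a host entry.

```python
# Added example: a simplified model of an /etc/hosts lookup, not the
# resolver library's own code.

# The page's sample entries (column headings omitted).
SAMPLE_HOSTS = """\
127.0.0.1            localhost        deep.openna.com
208.164.186.1        deep.openna.com      deep
208.164.186.2        mail.openna.com      mail
208.164.186.3        web.openna.com       web
"""

def parse_hosts(text):
    """Return a list of (ip, hostname, aliases) tuples in file order."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # strip trailing comments
        if len(fields) >= 2:
            entries.append((fields[0], fields[1], fields[2:]))
    return entries

def lookup(name, entries, multi=False):
    """Addresses returned for name: the first match only, or all if multi."""
    wanted = name.lower()
    hits = []
    for ip, host, aliases in entries:
        if wanted in [n.lower() for n in (host, *aliases)] and ip not in hits:
            hits.append(ip)
            if not multi:
                break
    return hits

def names_with_several_addresses(entries):
    """Names listed on more than one line with different addresses."""
    seen = {}
    for ip, host, aliases in entries:
        for n in (host, *aliases):
            ips = seen.setdefault(n.lower(), [])
            if ip not in ips:
                ips.append(ip)
    return {n: ips for n, ips in seen.items() if len(ips) > 1}
```

On the sample, deep.openna.com is both an alias of 127.0.0.1 and the name of 208.164.186.1, so a first-match lookup returns the loopback address and only a multi lookup also returns 208.164.186.1.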

The nospoof option tells the resolver to take care not to permit spoofing on this machine. IP spoofing is a security exploit that works by tricking computers in a trust relationship into believing that you are someone that you really aren’t. In this type of attack, a machine is set up to look like a legitimate server and then issues connections and other types of network activity to legitimate end systems, other servers or large data repository systems. This option must be set ON for all types of servers.