Chapter 8 Configuring DNS Name Service
The resolver is configured in the /etc/resolv.conf file. The resolver is not a separate and distinct process; it is a library of routines called by network processes. The resolv.conf file is read when a process using the resolver starts, and is cached for the life of that process. If the configuration file is not found, the resolver attempts to connect to the named server running on the local host. While this may work, I don't recommend it. By allowing the resolver configuration to default, you give up control over your system and become vulnerable to variations in the techniques used by different systems to determine the default configuration. For these reasons, the resolver configuration file should be created on every system running BIND.

The configuration file clearly documents the resolver configuration. It allows you to identify up to three nameservers, two of which provide backup if the first server doesn't respond. It defines the default domain and various other processing options. The resolv.conf file is an important part of configuring name service.

resolv.conf is a simple, human-readable file. There are system-specific variations in the commands used in the file, but the entries supported by most systems are:
- nameserver address
  The nameserver entries identify, by IP address, the servers that the resolver is to query for domain information. The nameservers are queried in the order that they appear in the file. If no response is received from a server, the next server in the list is tried until the maximum number of servers has been tried. [3] If no nameserver entries are contained in the resolv.conf file or no resolv.conf file exists, all nameserver queries are sent to the local host. However, if there is a resolv.conf file and it contains nameserver entries, the local host is not queried unless one entry points to the local host. Specify the local host with its official IP address, not with the loopback address and not with 0.0.0.0. The official address avoids problems seen on some versions of UNIX. A resolver-only configuration never contains a nameserver entry that points to the local host.
- domain name
  The domain entry defines the default domain name. The resolver appends the default domain name to any hostname that does not contain a dot. [4] It then uses the expanded hostname in the query it sends to the name server. For example, if the hostname almond (which does not contain a dot) is received by the resolver, the default domain name is appended to almond to construct the query. If the value for name in the domain entry is nuts.com, the resolver queries for almond.nuts.com. If the environment variable LOCALDOMAIN is set, it overrides the domain entry and the value of LOCALDOMAIN is used to expand the hostname.
- search domain ...
  The search entry defines a series of domains that are searched when a hostname does not contain a dot. Assume the entry search essex.nuts.com butler.nuts.com. A query for the hostname roaster is first tried as roaster.essex.nuts.com. If that fails to provide a successful match, the resolver queries for roaster.butler.nuts.com. If that query fails, no other attempts are made to resolve the hostname. This is different from the action of the domain entry. Assume the entry domain butler.nuts.com. Now a query for roaster is first tried as roaster.butler.nuts.com and then as roaster.nuts.com if the first query fails. When a search statement is used, only the domains explicitly mentioned on the command line are searched. When a domain statement is used, the default domain and its parents are searched. A parent domain must be at least two fields long to be searched. The resolver would not search for roaster.com. Use either a search statement or a domain statement. Never use both in the same configuration. If the environment variable LOCALDOMAIN is set, it overrides the search entry.
- sortlist network ...
  Addresses from the networks listed on the sortlist command are preferred over other addresses. If the resolver receives multiple addresses in response to a query about a multi-homed host or a router, it reorders the addresses so that an address from a network listed in the sortlist statement is placed in front of the other addresses. Normally addresses are returned to the application by the resolver in the order that they are received. The only exception to this is that, by default, addresses on a shared network are preferred over other addresses. So if the computer running the resolver is connected to network 172.16.0.0 and one of the addresses returned in a multiple address response is from that network, the address from 172.16.0.0 is placed in front of the other addresses.

  The sortlist command is rarely used. To be of any use, it requires that a remote host has multiple addresses for the same name; that the path to one of those addresses is clearly superior to the others; and that you know enough about the remote configuration to know which address is preferable.
- options option ...
  The options entry is used to select optional settings for the resolver. At this writing there are two valid keywords for option: debug to turn on debugging; and ndots:n to set the number of dots in a hostname used to determine whether or not the default domain needs to be applied. The default is 1. Therefore a hostname with one dot in it does not have the default domain appended before it is passed to the nameserver. If options ndots:2 is specified, a hostname with one dot in it has the default domain added before the query is sent out, but an address with two or more dots does not have the default domain added.
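As an added illustration (not code from the book), the following Python models the domain, search, ndots and LOCALDOMAIN rules described in the entries above: it parses a resolv.conf of the form shown and lists, in order, the names the resolver would actually send to the nameserver for a given hostname. The sample file content and the function names are constructed for this example.

```python
# Added example, not from the book; the sample resolv.conf content is constructed.
SAMPLE_RESOLV_CONF = """# Domain name resolver configuration file
domain nuts.com
nameserver 172.16.12.2
nameserver 172.16.12.1
nameserver 172.16.1.2
options ndots:1
"""


def parse_resolv_conf(text):
    """Collect the nameserver, domain, search, sortlist and options entries."""
    cfg = {"nameserver": [], "domain": None, "search": [],
           "sortlist": [], "ndots": 1}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        key, *args = line.split()
        if key == "nameserver" and args:
            cfg["nameserver"].append(args[0])
        elif key == "domain" and args:
            cfg["domain"] = args[0]
        elif key == "search":
            cfg["search"] = args
        elif key == "sortlist":
            cfg["sortlist"] = args
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    cfg["ndots"] = int(opt[len("ndots:"):])
    cfg["nameserver"] = cfg["nameserver"][:3]    # at most three servers are used
    return cfg


def search_list(cfg, localdomain=None):
    """Domains to append, in order. LOCALDOMAIN overrides both domain and search."""
    if localdomain:
        return localdomain.split()               # assumption: space-separated list
    if cfg["search"]:                            # only the listed domains
        return list(cfg["search"])
    if cfg["domain"]:                            # the domain and its parents,
        labels = cfg["domain"].split(".")        # each at least two fields long
        return [".".join(labels[i:]) for i in range(len(labels) - 1)]
    return []


def candidate_names(hostname, cfg, localdomain=None):
    """Names queried, in order; a name with at least ndots dots is not expanded."""
    if hostname.count(".") >= cfg["ndots"]:
        return [hostname]
    return [hostname + "." + d for d in search_list(cfg, localdomain)]
```

Pass os.environ.get("LOCALDOMAIN") as the localdomain argument to reproduce the environment override.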
The most common resolv.conf configuration defines the default domain name, the local host as the first nameserver, and two backup nameservers. An example of this configuration is:

    # Domain name resolver configuration file
    #
    domain nuts.com
    # try yourself first
    nameserver 172.16.12.2
    # try almond next
    nameserver 172.16.12.1
    # finally try filbert
    nameserver 172.16.1.2

The example is based on our imaginary network, so the default domain name is nuts.com. The configuration is for peanut and it specifies itself as the first nameserver. The backup servers are almond and filbert. The configuration does not contain a sort list or any options, as these are infrequently used. This is an example of an average resolver configuration.
The resolver-only configuration is very simple. It is identical to the average configuration shown above except that it does not contain a nameserver entry for the local system. A sample resolv.conf file for a resolver-only system is shown below:

    # Domain name resolver configuration file
    #
    domain nuts.com
    # try almond
    nameserver 172.16.12.1
    # next try filbert
    nameserver 172.16.1.2

The configuration tells the resolver to pass all queries to almond; if that fails, try filbert. Queries are never resolved locally. This simple resolv.conf file is all that is required for a resolver-only configuration.