The /etc/hosts, /etc/resolv.conf, and /etc/nsswitch.conf Files

This tutorial explains the purposes and usages of the /etc/hosts, /etc/resolv.conf, and /etc/nsswitch.conf files on Linux. Linux uses these files to resolve domain and host names. Linux checks these files in a pre-defined sequence. First, we will discuss how Linux uses these files. Later, we will learn how to customize the default sequence.

On a computer network, every endpoint uses a unique IP address. Applications that provide communication between endpoints use these addresses to identify communicating end devices. If you want to access a resource available on an endpoint, you have to use its IP address. For example, if you want to access a website stored on a server, you have to use the server's IP address.

Generally, IP addresses are difficult for human users to remember. IP addresses are made of numbers. Instead of numbers, humans prefer names to identify and access objects on the network. Let's take a simple example.

Suppose, you want to access Google's website. For this, you open a web browser. Google's website's address is available in three formats: IPv4, IPv6, and name.

IPv4 address:   142.250.195.14
IPv6 address:   2404:6800:4002:826::200e
Name:           google.com

Which format will you use on the browser to access Google's website?

Most of us will use the name (google.com) rather than the IPv4 and IPv6 formats. It is more convenient and easier to use, speak and type. But there is a problem, computers never use names to access any resources available on the network.

The solution to this problem is mapping. Computers allow us to map IP addresses with their respective names. After mapping, when we access a resource by using its name, the computer automatically converts the name into the IP address.

There are two ways to map IP addresses with names.

  1. Using the Hosts files
  2. Using the DNS server

Using the Hosts files

All operating systems include a file called hosts. You can use this file to map, IP addresses and names. Every time you access a network resource, the operating system checks this file to figure out the corresponding IP address.

Let's take a simple example to verify it.

Open the web browser and access the website google.com.

access google

If you can access it, open the /etc/hosts file, add the following lines at the end of the file, and save the file.

127.0.0.1   www.google.com
::1         www.google.com

default hosts file

Now access the website again.

can not access google

This time you cannot access google.com.

Can you guess what happened this time? Why can't you access this website now?

The answer is the wrong mapping of the resource and IP address. We mapped the website google.com with an IP address that doesn't serve it.

The IP address 127.0.0.1 (IPv4) and ::1 (IPv6) belong to localhost. We mapped these IP addresses with google.com. When we type google.com in the address bar of the web browser and hit the enter key, the system checks the /etc/hosts to know the IP address of google.com. If it finds an entry for this name, it uses the IP address that belongs to it.

Since we have added an entry for this name, the system will use the IP address associated with the name. It loads google.com from the local system. Since the local system doesn't have the website google.com, it returns an error indicating that the requested resource was not found or could not connect to the requested web page.

To fix it, open the /etc/hosts file again, removes the entries that you added, and save the file.

Access google.com again. Now, you can access it.

default hosts file

The system follows the same process every time you access a resource using its name. It first checks the /etc/hosts file to know the associated IP address. If it doesn't find an entry for the name, it uses the DNS server to know the IP address associated with the name.

Using the DNS server

A DNS server does the same task on the network that the /etc/hosts file does on the local system. It maps IP addresses to names but it does this on a large scale. You can map and manage millions of records on a single DNS server.

You can configure and use multiple DNS servers on the network. You can also use an external DNS server. To use a DNS server, you need to configure the IP address of the DNS server on the local system.

Whenever a system needs to resolve a name, it first checks the /etc/hosts file. If it does not find an entry for the name in /etc/hosts file, it sends a query to the configured DNS server.

The DNS server checks its database and provides the IP address associated with the name.

A system sends a query to the DNS server for a resource only if it does not find an entry for that resource in the /etc/hosts file. It always gives priority to the /etc/hosts file over the DNS server.

priority order

Linux uses the /etc/resolv.conf file to store the DNS server's IP address. It updates this file from network connections.

default resolv conf file

A connection is a collection of network settings associated with a network interface. When you configure the DNS server's IP address in a connection, NetworkManager automatically updates the DNS server's IP address in the /etc/resolv.conf file from the connection.

updating dns server ip addresses

Key points:

Since NetworkManager automatically updates the /etc/resolv.conf file, you should not edit this file directly. If you want to configure or update the DNS server's IP address, you should use NetworkManager tools.

Linux uses the /etc/resolv.conf file to forward the unresolved query to the DNS server. The DNS server resolves the query and sends the solved query back to the Linux system.

The /etc/nsswitch.conf file

The order in which the /etc/hosts and /etc/resolv.conf files are checked is defined in the /etc/nsswitch.conf file. This file also defines the default search order for many other services such as hostname, users, groups, passwords, etc.

The hosts directive defines the default search order for name resolution. It has three values: files, dns, and myhostname.

The value files stands for the /etc/hosts file.

The value dns stands for the DNS server configured in /etc/resolv.conf file.

The value myhostname is the default value. If both the files and dns options don't work, Linux uses this value as the default name for the local machine.

the nsswitch conf file

Conclusion

Almost all network services depend on name resolution to access network resources. Linux uses three files in a fall-back sequence to resolve names. In this tutorial, we discussed these files and how Linux uses them.

ComputerNetworkingNotes Linux Tutorials The /etc/hosts, /etc/resolv.conf, and /etc/nsswitch.conf Files