I’ve had a funny situation on a Solaris 10 box where DNS appeared to be working but domain names were not resolving. I was able to confirm DNS was working using dig:
$ dig www.google.com
; <<>> DiG 9.3.4 <<>> www.google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 412
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 7, ADDITIONAL: 3
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 258091 IN CNAME www.l.google.com.
www.l.google.com. 289 IN A 220.127.116.11
www.l.google.com. 289 IN A 18.104.22.168
www.l.google.com. 289 IN A 22.214.171.124
www.l.google.com. 289 IN A 126.96.36.199
;; AUTHORITY SECTION:
l.google.com. 20626 IN NS b.l.google.com.
l.google.com. 20626 IN NS c.l.google.com.
l.google.com. 20626 IN NS d.l.google.com.
l.google.com. 20626 IN NS e.l.google.com.
l.google.com. 20626 IN NS f.l.google.com.
l.google.com. 20626 IN NS g.l.google.com.
l.google.com. 20626 IN NS a.l.google.com.
;; ADDITIONAL SECTION:
a.l.google.com. 83697 IN A 188.8.131.52
b.l.google.com. 86389 IN A 184.108.40.206
e.l.google.com. 86008 IN A 220.127.116.11
;; Query time: 2 msec
;; SERVER: 10.94.70.5#53(10.94.70.5)
;; WHEN: Tue Sep 2 09:44:17 2008
;; MSG SIZE rcvd: 276
And pinging the IP address showed the host was up.
$ ping 18.104.22.168
22.214.171.124 is alive
However, pinging by host name failed.
$ ping www.google.com
ping: unknown host www.google.com
The mystery begins to clear up when we use the getent command. From Wikipedia: “getent is a unix command that helps a user get entries in a number of important text files called databases. This includes the passwd and group databases which store user information – hence getent is a common way to look up user details on Unix. Since getent uses the same name service as the system, getent will show all information, including that gained from network information sources such as LDAP.
The databases it searches in are: passwd, group, hosts, services, protocols, or networks.”
$ getent hosts www.google.com
The point here is that dig bypasses the hosts file and goes directly to the DNS servers, while ping obeys the Name Service Switch settings defined in /etc/nsswitch.conf. The solution is simply to edit that file and add the word dns to the line ipnodes: files, so that it reads:
ipnodes: files dns
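To catch this mismatch without waiting for a lookup to fail, the check below reads an nsswitch.conf-style file and names the hosts/ipnodes databases that do not list dns as a source. It is an added example, not part of the original post; the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example. POSIX sh: on Solaris 10 run it with ksh or /usr/xpg4/bin/sh,
# not the legacy /bin/sh, which lacks $(...) and ${var%%pattern}.

# nss_sources FILE DATABASE
# Prints the sources configured for DATABASE; returns 1 if there is no such line.
nss_sources() {
    while read -r line; do
        line=${line%%#*}                      # drop any trailing comment
        case "$line" in
            "$2:"*)
                # Tabs become spaces so callers can match on " word ".
                echo "${line#"$2:"}" | tr '\t' ' '
                return 0 ;;
        esac
    done < "$1"
    return 1
}

# nss_missing_dns FILE
# Prints the databases among hosts and ipnodes whose source list lacks dns.
nss_missing_dns() {
    missing=""
    for db in hosts ipnodes; do
        src=$(nss_sources "$1" "$db") || continue   # line absent: skip it
        case " $src " in
            *" dns "*) ;;                           # dns is consulted
            *) missing="${missing:+$missing }$db" ;;
        esac
    done
    echo "$missing"
}

# Constructed sample reproducing the state described in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# nsswitch.conf (constructed sample, not taken from the affected host)
passwd:     files
hosts:      files dns
ipnodes:    files     # the line the post changes to "files dns"
EOF
echo "databases without dns: $(nss_missing_dns "$sample")"
rm -f "$sample"
```

Point `nss_missing_dns` at /etc/nsswitch.conf on the real host; an empty result means both lines already include dns.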