TCP/IP Configuration

Configuring resolver nsswitch.conf file

nsswitch.conf file

The nsswitch.conf file is a configuration file on Linux systems that specifies the order in which various name services are used to resolve different types of queries, such as user and group lookups, hostname resolution, and network information services. The name service switch (NSS) functionality is used by various system utilities and libraries to look up information about users, groups, hosts, and other system entities. The nsswitch.conf file defines the order in which these name services are consulted for each type of lookup, allowing administrators to customize the system's behavior to suit their needs.
For example, the nsswitch.conf file might specify that user and group lookups should first be attempted using local files (such as /etc/passwd and /etc/group), and then fall back to querying a remote directory service (such as LDAP) if the local files do not contain the requested information.
The nsswitch.conf file is a critical component of the Linux system's name resolution infrastructure, and changes to this file can have significant impacts on the system's behavior. Administrators must exercise caution when making changes to this file and should thoroughly test any modifications before deploying them to production systems.

Configuring the resolver with nsswitch.conf

The nsswitch.conf file tells the resolver library[1] which of the three possible methods to use to convert host names to IP addresses and back.
Here is a sample file, taken from a Linux machine:

#
# /etc/nsswitch.conf
# An example Name Service Switch config file.  
# This file should be sorted with the most-used  
# services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the  
# search for an entry should stop if the search  
# in the previous entry turned up nothing. Note  
# that if the search failed due to some other reason  
# (like no NIS server responding) then the search 
# continues with the next entry.
#
# Legal entries are:
#
# nisplus or nis+    Use NIS+ (NIS version 3)
# nis or yp          Use NIS (NIS version 2), also called YP
# dns                Use DNS (Domain Name Service)
# files              Use the local files
# [NOTFOUND=return]  Stop searching if not found so far
#
passwd: files nisplus nis
shadow: files nisplus nis
group: files nisplus nis
hosts: files nisplus nis dns
services: nisplus [NOTFOUND=return] files
networks: nisplus [NOTFOUND=return] files
protocols: nisplus [NOTFOUND=return] files
rpc: nisplus [NOTFOUND=return] files
ethers: nisplus [NOTFOUND=return] files
netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus

We will study this file in more detail later, but for now, focus on the line marked hosts:

hosts: files nisplus nis dns

This line tells the resolver library to first look in the /etc/hosts file (files), then try to contact an NIS+ server (nisplus), then an NIS server (nis), and finally to try the Domain Name Service.
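The lookup order and the [NOTFOUND=return] rule described in the sample file's comments, as an added Python example that is not part of the original page. SAMPLE is constructed from three lines of the file above, the function names are hypothetical, the default actions are assumed to be glibc's, and negated criteria such as [!UNAVAIL=return] are not handled.

```python
import re

# Constructed sample: three lines copied from the file shown above.
SAMPLE = """\
# /etc/nsswitch.conf
hosts: files nisplus nis dns
services: nisplus [NOTFOUND=return] files
netgroup: nisplus
"""

# Assumption: glibc's default actions when no [STATUS=action] follows a
# source -- stop on success, move to the next source on anything else.
DEFAULTS = {"success": "return", "notfound": "continue",
            "unavail": "continue", "tryagain": "continue"}

def parse(text):
    """Return {database: [(source, {status: action}), ...]} in lookup order."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        if ":" not in line:
            continue
        db, rest = line.split(":", 1)
        chain = []
        for tok in re.findall(r"\[[^\]]*\]|\S+", rest):
            if tok.startswith("[") and chain:     # criteria bind to the previous source
                for crit in tok[1:-1].split():
                    status, action = crit.lower().split("=", 1)
                    chain[-1][1][status] = action
            elif not tok.startswith("["):
                chain.append((tok, dict(DEFAULTS)))
        table[db.strip()] = chain
    return table

def resolve(chain, outcomes):
    """Walk one database's chain. outcomes maps source -> status it reports
    (unlisted sources report notfound). Returns (sources consulted, status)."""
    tried, status = [], None
    for source, actions in chain:
        status = outcomes.get(source, "notfound")
        tried.append(source)
        if actions[status] == "return":
            break
    return tried, status

def network_first(table):
    """Databases whose first source is a network service, not local files."""
    return sorted(db for db, chain in table.items()
                  if chain and chain[0][0] != "files")
```

For the services line, a nisplus answer of notfound ends the search before /etc/services is read, while an unreachable nisplus server (unavail) lets the search continue to files. network_first lists the databases where a remote service is consulted before any local file.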

[1] Resolver library: The TCP/IP protocol library software that formats requests to be sent to the Domain Name Server for hostname to Internet address conversion.