TLDR: nslookup command does NOT use /etc/hosts for domain name to IP resolution.
Recently I needed to simulate an outage of the Disqus server providing REST endpoints for commenting. Because the client application using this service was deployed into a horrible CMS server, changing the URL for the Disqus service was quite painful. The OS on the server is Red Hat Enterprise Linux, so I decided to simply add an entry into /etc/hosts translating the "disqus.com" domain name to 127.0.0.1 (localhost). The purpose was to hijack DNS resolution to the real public Disqus IP address, obtained from the DNS server, to make disqus.com calls fail. Dead simple.
I've added the line 127.0.0.1 disqus.com into /etc/hosts and executed nslookup disqus.com, expecting to see the difference, but there wasn't any and nslookup was still returning the Disqus public IP address. Suspecting DNS caching as the cause, I started looking for a way to flush the DNS translation cache. The standard Linux way seems to be to have the nscd daemon running, and refreshing it with nscd -i hosts should do the trick. But surprisingly, nscd was not running on that server. Neither was any of named, bind, rscd, dnsmasq...
Probably the only way to flush the DNS cache in this situation would be a restart of the whole networking subsystem (/etc/init.d/network restart), but that wasn't something I could do on that server.
Then, just to be double sure, I executed ping disqus.com and spotted that it was pinging 127.0.0.1 as I wanted! But nslookup, executed again, was still showing the public Disqus IP address! As it turned out, nslookup always does a DNS server lookup and ignores your /etc/hosts file.
Lesson learned: don't test your /etc/hosts changes with nslookup. Use ping instead.
There is still some DNS caching done in Java, because ping reflected IP changes immediately, but the application running in the Java server changed IP after a while. I haven't measured it precisely, but it seemed to be about one minute.
Update: As it turned out, this delay was actually caused by Varnish and has nothing to do with Java... sorry
All of this happened on RHEL 5.7 (cat /etc/*-release).
For the /etc/hosts file to take precedence over DNS servers in the process of hostname resolution, the following should be true:
- File /etc/host.conf should contain the line order hosts,bind
- File /etc/nsswitch.conf should contain the line hosts: files dns
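The two conditions above can be checked mechanically. The script below is an added example, not code from the original post; the function names are hypothetical, and it only parses the two files the way the list describes (files before dns, hosts before bind).

```shell
#!/bin/sh
# Added example: verify that /etc/hosts is consulted before DNS.
# Function names are hypothetical and chosen for this illustration.

# Succeeds if the "hosts:" line of an nsswitch.conf-style file
# lists "files" before "dns" (or lists "files" and no "dns" at all).
nsswitch_files_first() {
    awk '
        { sub(/#.*/, "") }                       # strip comments
        $1 == "hosts:" {
            seen = 1
            for (i = 2; i <= NF; i++) {
                if ($i == "files" && !f) f = i   # first "files" source
                if ($i == "dns"   && !d) d = i   # first "dns" source
            }
        }
        END { exit !(seen && f && (!d || f < d)) }
    ' "$1"
}

# Succeeds if the "order" line of a host.conf-style file
# lists "hosts" before "bind".
host_conf_hosts_first() {
    awk '
        { sub(/#.*/, "") }
        $1 == "order" {
            seen = 1
            line = $0
            sub(/^[ \t]*order[ \t]+/, "", line)
            n = split(line, m, /[ \t,]+/)        # "hosts,bind" or "hosts bind"
            for (i = 1; i <= n; i++) {
                if (m[i] == "hosts" && !h) h = i
                if (m[i] == "bind"  && !b) b = i
            }
        }
        END { exit !(seen && h && (!b || h < b)) }
    ' "$1"
}

# Report on both files; returns non-zero if either check fails.
check_hosts_precedence() {   # args: <nsswitch.conf> <host.conf>
    rc=0
    nsswitch_files_first "$1"  || { echo "FAIL: 'files' is not before 'dns' in $1"; rc=1; }
    host_conf_hosts_first "$2" || { echo "FAIL: 'hosts' is not before 'bind' in $2"; rc=1; }
    return $rc
}

# Usage on a real system:
#   check_hosts_precedence /etc/nsswitch.conf /etc/host.conf
```

To see what an application would actually resolve, getent hosts disqus.com goes through the same nsswitch.conf lookup order, unlike nslookup.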