Configure Linux / UNIX Dns Resolver To Append Domain Search Names And Path ( ndots options )

by on June 6, 2007 · 3 comments· LAST UPDATED April 22, 2014

in , ,

I'm using CentOS Linux server version 5.x/6.x+. How do I configure a system so that the DNS resolver will append search path extensions to hostnames that have dots in them? For example, my domain name is test.com. when I query for mail hostname it should append .test.com and return the IP address of mail.test.com hostname.

You can easily configure the domain search list. The search list is normally determined from the local domain name; by default, it contains only the local domain name.
Tutorial details
DifficultyEasy (rss)
Root privilegesYes
RequirementsNone
Estimated completion time2m
This may be changed by listing the desired domain search path following the search keyword with spaces or tabs separating the names. Resolver queries having fewer than ndots dots (default is 1) in them will be attempted using each component of the search path in turn until a match is found. For environments with multiple subdomains please read options ndots:n below to avoid man-in-the-middle attacks and unnecessary traffic for the root-dns-servers. Note that this process may be slow and will generate a lot of network traffic if the servers for the listed domains are not local, and that queries will time out if no server is available for one of the domains.

Task: SETUP DNS SEARCH LIST FOR HOST-NAME LOOKUP

Open /etc/resolv.conf file, enter:
# vi /etc/resolv.conf
OR
$ sudo vi /etc/resolv.conf
Now add search path as follows:
search test.com
Save and close the file.

Optional ntdots configuration

Please note that you may also need to use ndots:n option to sets a threshold for the number of dots which must appear in a name given to query before an initial absolute query will be made. The default for n is "1", meaning that if there are any dots in a name, the name will be tried first as an absolute name before any search list elements are appended to it. For example set ndots to 2 as follows, to answer nslookup f1.mail query to get IP for f1.mail.in.test.com hostname:
## config file - /etc/resolv.conf ##
options ndots:2
search test.com in.test.com

Save and close the file.

Test it

Use host command or dig command as follows:

$ host f1
$ host mail
$ dig smtp

Limitations

  • The search list is currently limited to six domains with a total of 256 characters.

Help /etc/resolv.conf file overwritten by dhclient on a Linux based system

You may find that /etc/resolve.conf is being generated and overwritten by dhcp client, so any changes made to /etc/resolv.conf file will be subsequently overwritten. See how to fix this issue by reading the following tutorial:

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 3 comments… read them below or add one }

1 vinod July 9, 2007 at 11:13 am

What all the Daily Activities need to be done on a freebsd server,

Reply

2 Hari May 8, 2010 at 5:54 am

I am using CentOS 5.3 and for me /etc/resolve.conf is being generated by /sbin/dhclient-script, so any changes done to this file will be subsequently overwritten. I am trying to find a different way to add the search order.

Reply

3 Henry June 5, 2012 at 1:04 am

In regards to Hari’s question, I guess this was never answered, but I’ll answer it here because this page appears to be one of the first that pops up when I Google this particular question.

These instructions work on my CentOS 5.6 workstation.

The reason /etc/resolv.conf is being overwritten is because you’ve configured your DHCP client to get automatically obtain DNS information from the “provider”, thereby overwriting your changes everytime you reboot or restart your network services.

To stop this, edit the following file:
/etc/sysconfig/network-scripts/ifcfg-eth0
And set “PEERDNS=no”

You should now be able to update /etc/resolv.conf with additional “search [domain]” lines and it should stick, even after rebooting.

The following page provides additional information:
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-dhcp-configuring-client.html

If you’re running KDE, you can go into System > Administration > Network > Devices and double-click the appropriate eth device. Then uncheck “Automatically obtain DNS information from provider”. Go back to the “DNS” tab and add your additional domain suffixes separated by spaces. Save and exit. Restart your network services using “/etc/init.d/network restart” or reboot.

Hopefully this helps someone.

Reply

Leave a Comment

Tagged as: , , ,

Previous Faq:

Next Faq: