Outgoing "flow"

  2. Home
  4. Docs
  6. Outgoing “flow”
  8. The Name Service Switch (nsswitch)

The Name Service Switch (nsswitch)

nsswitch is what determines the order in which further components are queried for the domain. This is controlled in /etc/nsswitch.conf in the ‘hosts‘ entry:

$ cat /etc/nsswitch.conf | grep hosts
# Valid databases are: aliases, ethers, group, gshadow, hosts,
hosts: files dns myhostname

In this example we see 3 entries — files, dns, myhostname.

This means it will check files first. What files? This is answered in the nsswitch.conf man pages:

# man nsswitch.conf
----
       The following files are read when "files" source is specified for respective databases:

           aliases     /etc/aliases
           ethers      /etc/ethers
           group       /etc/group
           hosts       /etc/hosts
           initgroups  /etc/group
           netgroup    /etc/netgroup
           networks    /etc/networks
           passwd      /etc/passwd
           protocols   /etc/protocols
           publickey   /etc/publickey
           rpc         /etc/rpc
           services    /etc/services
           shadow      /etc/shadow
---

As noted, the specific file that is read for the ‘hosts’ nsswitch entry is /etc/hosts. So it will first try /etc/hosts to see if there is a defined DNS entry for www.redhat.com

For example, if we had this defined in /etc/hosts:

1.2.3.4 www.redhat.com

Our flow would be:

command/application -> glibc -> nsswitch -> /etc/hosts

And /etc/hosts would send the 1.2.3.4 value back to us as an answer.

If it does not find an entry in /etc/hosts, it then moves on to the next entry — ‘dns’.

When ‘dns’ is defined in nsswitch ‘hosts:’, it uses ‘resolver’ functions from the glibc library to search what is defined in /etc/resolve.conf, and sends the queries to the nameservers defined.

So if for example /etc/resolv.conf has this nameserver defined:

nameserver 8.8.8.8

The full ‘flow’ of the outgoing www.redhat.com query is as follows:

command/application -> glibc -> nsswitch -> /etc/hosts -> /etc/resolv.conf -> 8.8.8.8

And the DNS server at 8.8.8.8 would then be expected to send us the domain records for www.redhat.com.

The DNS server at 8.8.8.8 could be any kind of DNS server — it could be systemd-resolved, dnsmasq, unbound, BIND DNS server, or some other local hosted server. Regardless, the nameserver is where the outgoing path ends.

Was this article helpful to you? Yes No

How can we help?