Tutorial on Figuring out your server: Name Services

OS/Name
NS Queries
This tutorial has examples for four versions of UNIX: Linux, Oracle’s Solaris, Apple’s Macintosh OS X and IBM’s AIX
Name Services
It is possible to associate multiple names to a server. You and your co-workers may use a different name for the machine than the name you get from the commands uname –n or hostname.

The mechanism that allows more than one name to be associated with a server is called a name service. The two name services you probably have come across are DNS (Domain Name Service) and WINS (Windows Internet Name Service), but other databases like NIS (Network Information Services) are also used. Strictly speaking, name services provide a centralized database that associates computer names with addresses. For example, the name service DNS will take the server name www.oreilly.com and give your browser the correct address (something like 209.204.146.22). You can also associate a computer name with an address locally in the /etc/hosts file. In fact, /etc/hosts generally functions as a secondary database when the primary name service is not available.

The name service being used by your server is determined by these files:
/etc/nsswitch.conf
/etc/netsvc.conf (AIX)

The servers in three of the four of examples, below, are set up to do the same thing. First, they check local configuration files, basically /etc/hosts. Then they check NIS and then DNS. Note that AIX uses the word “local” instead of “files” and “bind” instead of “dns”.

Linux:
penguin [1]> grep –i host /etc/nsswitch.conf
hosts:      files nis dns

Solaris:
paloalto [1]> grep –i host /etc/nsswitch.conf
hosts:      files nis dns

OS X:
cupertino [1]> grep –i host /etc/nsswitch.conf
hosts:      files nis dns

AIX:
endicott[1]> grep -i  host /etc/netsvc.conf
hosts=local,bind4

DNS

DNS is the standard name service on the internet. Most organizations have internal addresses and external addresses. If other name services are used, they are used for internal addresses.

DNS is a distributed database. That allows portions of the DNS database to be delegated to different organizations. DNS addresses are organized into domains. For example, google.com is a DNS domain. This allows local control of the domains. For example, Google has its own domain, which is google.com. Google manages all addresses that are part of that domain.  Google can decide and maintain the addresses for calendar.google.com, mail.google.com, maps.google.com and so on. Further, Google can decide to create subdomains under google.com. Google can even decide to associate these names with addresses or just aliases to other names. For example, mail.google.com is actually an alias to googlemail.l.google.com. To confirm that, try:
nslookup mail.google.com

You will probably see something like:
mail.google.com      canonical name = googlemail.l.google.com.
Name:      googlemail.l.google.com
Address: 216.58.219.197

The term canonical name indicates the real name for the server.

DNS follows a client-server model. The client is called the resolver. A developer can get code to add to their software to allow it to perform as a resolver. The server side is called the Name Server or nameserver.

Client-Side DNS Configuration
The configuration file for the resolver (DNS client) is:
/etc/resolv.conf

This file will define the domain the client is in and the name servers (DNS servers) it uses.


Some other uses of DNS

DNS allows us to have a different public-facing name for a server than the name the systems administrators use to log in. This allows for greater privacy and security.

DNS allows a company to outsource certain services. For example, promotional email to customers may be outsourced. The company can give authority for a subdomain to their vendor. For example, Whole Foods may give authority to mail.wholefoods.com to their marketing vendor.

Sender Policy Framework (SPF) uses DNS to confirm that incoming mail is providing accurate information about where it came from. Every email has a “from” address. DNS has fields which identify if a server is authorized to send email. SPF checks the from address and uses DNS to confirm that the host is authorized to send email and rejects the email if is not.

An URL in a document such as an email can have user-facing text that different than the underlying URL. For example, an URL may simply say click here rather than the entire address. DNS gives us the opportunity to log into the real site in a separate browser.

Suggestions for Future Learning
There are more configuration options for /etc/nsswitch.conf and /etc/netsvc.conf, which are discussed in UNIX For Application Support Staff Chapter 4, Networking.


For an example of how programmer’s can use the DNS client-server model, see John Goerzen’s Foundation of Python Network Programming for information on how to add DNS lookups to a Python script.




OS/Name
NS Queries
Tutorial Contents

​What is my Server's Operating System and Name ?


Name Service queries with DNS and NIS

IP Addresses


What Is My Server’s Configuration ?

Hardware Information : CPU and Memory

Environmental Variables : Your Configuration


Disk Usage  and Listing Directory Contents

Who Else  is Logged in?