Tutorial on Figuring Out Your Server: Name Service Queries

Name Services
IP Addresses
This tutorial has examples for four versions of UNIX: Linux, Oracle’s Solaris, Apple’s Macintosh OS X and IBM’s AIX
DNS queries with nslookup and dig
For many years, one of the most common ways to check DNS for an address was nslookup. There is an attempt to phase out nslookup, particularly in LINUX. Nevertheless, nslookup works well. BIND, the most commonly used DNS server software, comes with dig and host (which is more basic than dig). Examples from nslookup and dig are given below. Note that much of the output from dig has been removed in this example.

paloalto [1]> nslookup cupertino
Server:  adminbox.tamas.com

Name: cupertino.tamas.com

penguin [1]> dig cupertino.tamas.com

cupertino.tamas.com. 3600 IN A

Many people will ping an addresses to get the name associated with that address in DNS. This method has the drawback that you are not querying the DNS server directly. Many computers, particularly desktops, will cache DNS information. So, if you are using ping to figure out if a DNS change has come through, you may get incorrect information.

If you are migrating people from one server to another via a DNS change, some people may need to clear their DNS cache, usually by rebooting their computers.

Check NIS for IP Address Information
NIS is another popular database for name services. Often it is used in conjunction with DNS. For example, lets say an organization has mailhosts organized by geographic location. If the NIS domains are limited to certain geographic locations (they usually are), NIS can be used to define the address of the local mailhost. For this to work, /etc/nsswitch.conf should have nis before dns in the hosts line, as shown in the examples, above.

The commands to look up a NIS entry are ypmatch and ypcat in conjunction with grep.

paloalto [1]> ypmatch mailhost hosts adminbox.tamas.com mailhost

paloalto [2]> ypcat hosts | grep –i mailhost | sort -u adminbox.tamas.com mailhost

The advantage of ypcat is that you can use grep to search for a string of letters. However, ypcat hosts outputs one line for each name associated with an address and you may want to pipe the output to uniq or sort –u, as shown in the example, above.

Suggestions for Future Learning
Further information on nslookup and dig are available in UNIX For Application Support Staff Chapter 4, Networking.

An excellent detailed description of DNS queries can be found in Chapter 15 of Hacking Exposed Linux: Linux Security Secrets and Solutions (Third Edition) by ISECOM (Institute for Security and Open Methodologies).

Tutorial Contents

​What is my Server's Operating System and Name ?

Name Service queries with DNS and NIS

What Is My Server’s Configuration ?

Hardware Information : CPU and Memory

Environmental Variables : Your Configuration

Disk Usage  and Listing Directory Contents

Who Else  is Logged in?

Name Services
IP Addresses