9

In dnsmasq.conf:

address=/local/127.0.0.1

In resolv.conf:

# Generated by NetworkManager
domain example.com
search example.com
nameserver 127.0.0.1
nameserver 10.66.127.17
nameserver 10.68.5.26

I can use nslookup:

# nslookup www.local
Server:     127.0.0.1
Address:    127.0.0.1#53

Name:   www.local
Address: 127.0.0.1

But I can't use ping:

# ping www.local
ping: unknown host www.local

I use tcpdump to capture lo while pinging www.local, no packets, while packets like

# tcpdump -i em1 -n | grep local

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
20:14:38.189335 IP 10.66.65.188.mdns > 224.0.0.251.mdns: 0 A (QM)? www.local. (27)
20:14:39.190700 IP 10.66.65.188.mdns > 224.0.0.251.mdns: 0 A (QM)? www.local. (27)
20:14:41.192979 IP 10.66.65.188.mdns > 224.0.0.251.mdns: 0 A (QM)? www.local. (27)

appeared from physical interface.

Which means ping is using mdns, but why nslookup doesn't use mdns? Why ping won't use normal dns when mdns doesn't return useful falue?

Thanks.

dspjm
  • 205
  • 2
  • 5

2 Answers2

9

ping use glibc's name resolution system, called Name Service Switch. This uses the /etc/nsswitch.conf file to know where to look for in order to resolve a name to an IP. The hosts: line in this file represents an order of preference for each service. For exemple, files represent the local /etc/hosts file, dns uses the /etc/resolv.conf file to contact a DNS server, and mdns uses mdns.

However, nslookup doesn't use it. It talks directly to the DNS server specified in /etc/resolv.conf and so can't use mdns.

But I can't answer your last question. If you have both mdns and dns in /etc/nsswitch.conf, even with mdns first, it should firstly try to resolve the name with mdns, then if no answer use dns.

piernov
  • 415
  • 2
  • 7
  • Thanks @priernov, I found the answer of my last answer too, which is the line "hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname" in nsswitch.conf, it will return if no mdns ip found. – dspjm Mar 05 '14 at 16:27
  • 1
    Actually nslookup can be persuaded to resolve a .local address by specifying server 224.0.0.251 and port 5353: enter nslookup interactive mode, issue 'server 224.0.0.251', 'set port=5353', and then the hostname to be resolved eg 'Microknoppix.local'. (tested on 2 debian systems. On Windows 10 nslookup.exe supplied by Microsoft does not work, the one downloaded from https://www.isc.org/downloads/bind/ does) – NameOfTheRose Mar 06 '16 at 19:37
  • 1
    By the way, use `getent hosts foo.local` if you just want to look up an IP address regardless of whether it is mDNS or DNS. Unlike `nslookup`, the `getent` command uses the GNU C Library's nsswitch, so it always works. – hackerb9 Aug 28 '19 at 07:13
3

It's very simple - nslookup is specifically a DNS tool - it's part of the BIND tools.

It simply doesn't know about the other name services that library calls such as gethostbyname can access via NSS because nslookup doesn't use gethostbyname, etc.

Alnitak
  • 20,901
  • 3
  • 48
  • 81