Are the user provided search domains from resolv.conf used only for A/AAAA queries ?
Are they used for any other purpose ?
Are the user provided search domains from resolv.conf used only for A/AAAA queries ?
Are they used for any other purpose ?
See man resolv.conf
. The local domain
(and possibly other domains specified in search
) gets appended to a hostname in a query every time it's not a FQDN.
Knowing that, you could easily test whether it works for other RR types or not. You could test that with any existing record like TXT
for DKIM selector etc. Let's assume we have SSH fingerprint SSHFP
record for someserver.example.com
:
nslookup
> set domain=example.com
> set type=SSHFP
> someserver
In this example we actually would get an answer for someserver.example.com SSHFP
(instead of handling someserver
as a FQDN), demonstrating how it works on any RR type.
Please notice that you can only test this with nslookup
that uses resolv.conf
as its initial configuration file. The alternative dig
always treats all queries as FQDN, i.e.
dig someserver SSHFP
;; QUESTION SECTION:
;someserver. IN SSHFP
First of all, it is the OS resolver library which implements the actual search functionality, meaning it's use depends on which OS (or other) libraries are actually in use, and nameserver software does not need to know about it at all.
Ie, when an application looks up a name, calling the standard getaddrinfo
, gethostbyname
(deprecated), etc functions, the resolver library will make separate lookups for different variations of the specified name as needed.
Now, getaddrinfo
and gethostbyname
(when these actually end up using DNS at all, the resolver library may be configured to use other sources) specifically looks up address records (A
/ AAAA
), so the question boils down to whether other resolver library code also uses search or if its use is limited to these rather narrow purpose functions.
As there are lots of variables (ie, what DNS lookup functionality is a given application actually using?) the short answer to the question is "it depends".
Having a quick look at other functions provided in the oldschool libc resolv library, an application which uses the res_query
/ res_nquery
functions will NOT search, while an application which uses res_search
/ res_nsearch
will search.