Why is my /etc/hosts file not queried when nslookup tries to resolve an address?
nslookup
only does proper DNS resolution, which is significantly different from the Name Service Switch subsystem that your other applications use; that is to say nslookup
ignores /etc/hosts
and mDNS.
To test local resolutions like that, use something that uses NSS. ping <hostname>
for example. Here's a simple demo based on an /etc/hosts
entry on my network.
$ nslookup bert
Server: 8.8.8.8
Address: 8.8.8.8#53
** server can't find bert: NXDOMAIN
$ ping bert
PING bert (10.10.0.4) 56(84) bytes of data.
64 bytes from bert (10.10.0.4): icmp_seq=1 ttl=64 time=0.352 ms
64 bytes from bert (10.10.0.4): icmp_seq=2 ttl=64 time=0.407 ms
Note that there are DNS servers and proxies that can factor in an /etc/hosts
file. In these cases, nslookup
might return a result from a local source.
I guess that you want the name resolution from /etc/hosts
file for the specific host (mysite.com).
Another common problem that can cause this behavior is that you may have many entries on the /etc/hosts
file for the same IP, example:
1.1.1.1 host1.domain1.com
1.1.1.1 host2.domain2.com
In some implementations, this can cause the name resolution to get handed to DNS. A quick fix, group everything in 1 row
1.1.1.1 host1.domain1.com host2.domain2.com
Another common thing I see is where somebody (usually me) reverses the IP address with the hostname in /etc/hosts
- for example:
mysite.com 10.2.3.4
At first glance, it looks normal... Here is my solution about 50% of the time:
10.2.3.4 mysite.com