Why is my /etc/hosts file not queried when nslookup tries to resolve an address?

nslookup only does proper DNS resolution, which is significantly different from the Name Service Switch subsystem that your other applications use; that is to say nslookup ignores /etc/hosts and mDNS.

To test local resolutions like that, use something that uses NSS. ping <hostname> for example. Here's a simple demo based on an /etc/hosts entry on my network.

$ nslookup bert
Server:     8.8.8.8
Address:    8.8.8.8#53

** server can't find bert: NXDOMAIN

$ ping bert
PING bert (10.10.0.4) 56(84) bytes of data.
64 bytes from bert (10.10.0.4): icmp_seq=1 ttl=64 time=0.352 ms
64 bytes from bert (10.10.0.4): icmp_seq=2 ttl=64 time=0.407 ms

Note that there are DNS servers and proxies that can factor in an /etc/hosts file. In these cases, nslookup might return a result from a local source.


I guess that you want the name resolution from /etc/hosts file for the specific host (mysite.com).

Another common problem that can cause this behavior is that you may have many entries on the /etc/hosts file for the same IP, example:

1.1.1.1 host1.domain1.com
1.1.1.1 host2.domain2.com

In some implementations, this can cause the name resolution to get handed to DNS. A quick fix, group everything in 1 row

1.1.1.1 host1.domain1.com host2.domain2.com

Another common thing I see is where somebody (usually me) reverses the IP address with the hostname in /etc/hosts - for example:

mysite.com    10.2.3.4

At first glance, it looks normal... Here is my solution about 50% of the time:

10.2.3.4    mysite.com