Home   All tags   Terms and Conditions

Networking: DNS lookup

September 30, 2022



There is no single API call to perform the lookup.

Options are:

  • libc getaddrinfo
  • libc gethostbyname (OBSOLETE SPEC)
  • libc resolver library (Low level DNS retrieval)
  • direct interfacing to the dns servers via network calls

The applications that use libc will fall back to a DNS server on and use nsswitch mechanisms. Also in that case caching service like nscd or sssd might be used.

Direct interfacing applications include the “host” utility, because “host” is actually one of the applications included with ISC BIND, and it is intended specifically to interface with DNS directly, and not the system NSS API. It also includes applications like Firefox which bypass NSS and implement their own DNS API for performance reasons. And it includes applications which need access to records other than A and AAAA records. Such applications will need to use the resolver library or their own DNS client library to access MX or TXT records.

Configuration files

How to find out which executables care about which config file? Run the command through strace:

strace -f -e trace=openat <command>


Configuration for the files resolution method, listing up names to IP mappings.


Allow applications to not have to hard-code which file or service they look these things up on. The hosts line defines the order of lookup for DNS.

hosts:          files mdns4_minimal [NOTFOUND=return] dns

This allows to change the order and scope of lookup but does not work out only for applications that care about nsswitch.


  • list of programs that care about this:

  • ping


  • nameserver: which DNS servers to look up the host for
  • search: suffixes that get automatically appended if not found


  • link help and options like search

  • command line tools and how to perform settings for Ubuntu 22.04

  • Restart networking: systemctl restart networking


The dnsmasq program is another level of indirection for /etc/resolv.conf.


  • View contents of the cache: kill -SIGUSR1 <(cat /run/dnsmasq/dnsmasq.pid)


What is done in the docker context might seem irritating first but is well explained here


  • DNS can stop working if the DNS response is over 512 bytes and the DNS client request program doesn’t handle this correctly.