LinuxQuestions.org
Old 07-25-2015, 06:13 PM   #1
JockVSJock
Why populate /etc/resolv.conf if not using DNS?


Have run into this at work.

The previous admin set up /etc/resolv.conf to point to two Windows DNS servers, except we aren't using any type of DNS on the Linux side of the house.

All of the Linux machines are in the same subnet, and I'm using /etc/hosts to resolve, where I put an entry of hostname and then IP address.

Why did the previous admin do this, or will it make any difference?

thanks
 
Old 07-25-2015, 06:22 PM   #2
wpeckham
Communication

I cannot speak for your sysadmin, but if anything is going to communicate with the linux boxes, or the linux boxes are going to communicate with anything else NOT in the hosts tables, there are serious advantages in the Linux servers being able to forward and reverse resolve.
If they cannot, there are about a dozen possible applications and services that need to have resolution disabled to avoid timeout errors and excessive logging.
Personally, I even use a DNS server (DNSMASQ) on isolated testing networks to ensure that I can properly test all services and applications in the kind of environment they will deploy into.

My Linux hosts at work have dozens of Windows workstation clients. They use the Windows DNS so that they can resolve all of the DHCP based windows clients properly. Just as one example.
 
Old 07-25-2015, 06:29 PM   #3
JockVSJock
Quote:
Originally Posted by wpeckham
I cannot speak for your sysadmin, but if anything is going to communicate with the linux boxes, or the linux boxes are going to communicate with anything else NOT in the hosts tables, there are serious advantages in the Linux servers being able to forward and reverse resolve.
If they cannot, there are about a dozen possible applications and services that need to have resolution disabled to avoid timeout errors and excessive logging.
Personally, I even use a DNS server (DNSMASQ) on isolated testing networks to ensure that I can properly test all services and applications in the kind of environment they will deploy into.

My Linux hosts at work have dozens of Windows workstation clients. They use the Windows DNS so that they can resolve all of the DHCP based windows clients properly. Just as one example.
Our Linux servers don't talk to the Windows servers and vice versa. There is no OpenLDAP running, Samba or NFS or services like that. Right now we use SCP to move files back and forth; however, I would like to start using either NFS or Samba to move files.

I would have to check either under /proc or /etc/sysctl.conf to see if forwarding or reverse resolve is up and running. Is there anything else I can look at to confirm this?
 
Old 07-25-2015, 07:24 PM   #4
Aia
Quote:
Originally Posted by JockVSJock
Our Linux servers don't talk to the Windows servers and vice versa. There is no OpenLDAP running, Samba or NFS or services like that. Right now we use SCP to move files back and forth; however, I would like to start using either NFS or Samba to move files.

I would have to check either under /proc or /etc/sysctl.conf to see if forwarding or reverse resolve is up and running. Is there anything else I can look at to confirm this?
I can guarantee you that you do not have every DNS entry you need in your /etc/hosts. At the most, you'd have the internal local entries; therefore, when your Linux server needs to query an external name, like for NTP (to keep time), update software, send an email, etc., you need some DNS server to ask. That's why those entries are there in /etc/resolv.conf. That ability to contact the designated DNS and do the external query vicariously for your Linux server is forwarding. Nothing to do with /proc or /etc/sysctl.conf.
Reverse lookup is when you know the IP address but you need to know the domain name of it.
 
Old 07-25-2015, 07:42 PM   #5
JockVSJock
Quote:
Originally Posted by Aia
I can guarantee you that you do not have every DNS entry you need in your /etc/hosts. At the most, you'd have the internal local entries; therefore, when your Linux server needs to query an external name, like for NTP (to keep time), update software, send an email, etc., you need some DNS server to ask. That's why those entries are there in /etc/resolv.conf. That ability to contact the designated DNS and do the external query vicariously for your Linux server is forwarding. Nothing to do with /proc or /etc/sysctl.conf.
Reverse lookup is when you know the IP address but you need to know the domain name of it.
I'm using /etc/hosts and putting the hostname/ip address for our patching server and backup server.

For ntp, I'm making an entry under /etc/ntp.

Is there a way I can tell that these Linux servers are actually using these DNS servers listed in /etc/resolv.conf? Besides something like netstat command?

 
Old 07-25-2015, 08:17 PM   #6
Aia
Quote:
Originally Posted by JockVSJock
I'm using /etc/hosts and putting the hostname/ip address for our patching server and backup server.

For ntp, I'm making an entry under /etc/ntp.

Is there a way I can tell that these Linux servers are actually using these DNS servers listed in /etc/resolv.conf? Besides something like netstat command?
I am not quite sure what the end point is in what you are trying to do. Are you trying to verify that the Linux server is not using those DNS servers in /etc/resolv.conf? If that's your concern, I can tell you that it is using them every time it wants to resolve a name that is not present in /etc/hosts.
Do you have www.linuxquestions.org in your Linux /etc/hosts? Run in your Linux server:
Code:
dig www.linuxquestions.org
You should see an entry, almost at the end, saying SERVER: <IP address>. That would be one of the two DNS servers.

 
Old 07-26-2015, 06:46 AM   #7
wpeckham
I would not

I recommend against using remote mounts, either NFS or CIFS. We ran into this recently: one machine had a rogue program that encrypted files. That was not optimal, but anything remote that it had mounted was also encrypted. Local things could be decrypted, but the remote machines lost the ability to use the files on the mounts. Recovery was far less painful than explaining the downtime to management!

Remote mounting multiplies risk.

I am converting everything I am allowed to use rsync, scp, or sftp. Luckily, I had most functions on those already.

My best advice: don't go there.
 
Old 07-26-2015, 07:04 AM   #8
jpollard
You do not need /etc/resolv.conf at any time.

What determines DNS use is /etc/nsswitch.conf. Within that file you will normally see the following line:
Code:
hosts:      files mdns4_minimal [NOTFOUND=return] dns myhostname
If you remove everything after "files", you will disable all DNS requirements. The mdns4_minimal is for Windows, followed by regular DNS. The "myhostname" can be kept as it substitutes the local host name for the loopback name "localhost", returning 127.0.0.1 (or the IPv6 version). Reference: http://www.freedesktop.org/software/...yhostname.html

You don't need DNS for "external" time servers IF you put the external time server reference in the /etc/hosts file (or use the IP numbers directly).

In the distant past, there was no DNS. Everything was in the /etc/hosts file. Of course, this meant that update problems would occur as systems came and left, and the /etc/hosts file was not updated. This became a weekly activity for some admins... and even that wasn't fast enough. Also there was the problem that as the internet grew, the size of the /etc/hosts file also grew. The last non-DNS /etc/hosts file I dealt with was over 7,000 entries - and name lookups were "rather slow". DNS servers, along with the /etc/resolv.conf file made things a lot easier.

Local non-public names were put in the /etc/hosts file, and all external references became handled by DNS servers. Then things like AD came along (where EVERY AD server is also a name server, but with a typical screwup, not quite the same protocol....). Other name services were also added (NIS, NIS+ and later LDAP), thus to compensate, the resolve runtime library got a bit more complex, adding the /etc/nsswitch.conf which allowed for plugins to the naming service. It also generalized naming functions and added the other services too (which is why bootparams, ethers, netmasks, networks, protocols, rpc, services... got added).

But the flexibility also allows you to remove functions as well.
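Added example, not code posted in this thread: a small Python model of the walk glibc makes over the nsswitch `hosts:` line shown above, run against constructed copies of /etc/hosts, /etc/resolv.conf and the nsswitch line so it works offline. It also gives the check asked for in posts #5 and #6 in a form that does not depend on network access. The DEMO_NETWORK dict stands in for whatever the listed nameservers would answer; the hostnames, the 192.0.2.x addresses and the stated behaviour of the mdns4_minimal (nss-mdns, multicast DNS for .local names) and myhostname modules are assumptions flagged in the comments. It shows three things the thread turns on: a name absent from /etc/hosts goes to the first reachable nameserver in resolv.conf; a .local name stops at mdns4_minimal because of [NOTFOUND=return] and never reaches unicast DNS; and emptying resolv.conf does not switch DNS off, because glibc then asks 127.0.0.1 instead (resolv.conf(5)), whereas cutting the line to `hosts: files` does.

```python
"""Model of glibc's walk over the `hosts:` line of /etc/nsswitch.conf (added example,
not code from this thread; file contents, addresses and module behaviour are assumed)."""
import re

# Constructed sample files (assumptions; addresses are RFC 5737 test space).
SAMPLE_HOSTS = """\
127.0.0.1   localhost
192.0.2.10  patchsrv patchsrv.example.internal   # patching server
192.0.2.11  backupsrv                            # backup server
"""
SAMPLE_RESOLV = """\
# stand-ins for the two Windows DNS servers from the thread
search example.internal
nameserver 192.0.2.53
nameserver 192.0.2.54
"""
SAMPLE_NSSWITCH = "hosts:      files mdns4_minimal [NOTFOUND=return] dns myhostname"
# What each nameserver would answer, keyed by server IP (constructed); a server
# absent from the dict is "unreachable" and times out.
DEMO_NETWORK = {"192.0.2.53": {"www.linuxquestions.org": "75.126.162.205",
                               "patchsrv2.example.internal": "192.0.2.12"}}
# glibc defaults: stop on SUCCESS, keep walking on every other status.
DEFAULT_ACTIONS = {"SUCCESS": "return", "NOTFOUND": "continue",
                   "UNAVAIL": "continue", "TRYAGAIN": "continue"}

def parse_hosts(text):
    """/etc/hosts -> {name: ip}; names are case-insensitive, the first mapping wins."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table

def parse_resolv(text):
    """/etc/resolv.conf -> nameserver list (glibc uses at most 3) and search list."""
    conf = {"nameserver": [], "search": []}
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] == "nameserver" and len(fields) > 1 and len(conf["nameserver"]) < 3:
            conf["nameserver"].append(fields[1])
        elif fields[0] in ("search", "domain"):      # alternatives; the last one wins
            conf["search"] = fields[1:]
    return conf

def parse_nss_hosts(line):
    """'hosts: files dns [NOTFOUND=return] ...' -> [(source, {STATUS: action}), ...]."""
    sources = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", line.split(":", 1)[1]):
        if tok.startswith("["):                  # action spec binds to the preceding source
            for status, action in re.findall(r"(\w+)=(\w+)", tok):
                sources[-1][1][status.upper()] = action.lower()
        else:
            sources.append((tok, dict(DEFAULT_ACTIONS)))
    return sources

def query_source(source, name, hosts, resolv, network):
    """One NSS module -> (status, address, server); statuses mirror glibc's NSS_STATUS_*."""
    if source == "files":
        ip = hosts.get(name)
        return ("SUCCESS", ip, None) if ip else ("NOTFOUND", None, None)
    if source == "mdns4_minimal":
        # Modelled on nss-mdns: *_minimal handles only *.local and returns UNAVAIL for
        # anything else, so the walk continues to dns. An unanswered .local name is
        # NOTFOUND, which [NOTFOUND=return] turns into a stop before unicast DNS.
        return ("NOTFOUND", None, None) if name.endswith(".local") else ("UNAVAIL", None, None)
    if source == "dns":
        # An empty or missing resolv.conf does not disable DNS: glibc then asks 127.0.0.1.
        servers = resolv["nameserver"] or ["127.0.0.1"]
        # Single-label names go through the search list first (ndots default is 1).
        candidates = [name] if "." in name else [f"{name}.{d}" for d in resolv["search"]] + [name]
        for server in servers:
            zone = network.get(server)
            if zone is None:
                continue                         # unreachable: time out, try the next server
            for cand in candidates:
                if cand in zone:
                    return ("SUCCESS", zone[cand], server)
            return ("NOTFOUND", None, server)    # NXDOMAIN from the first server that answers
        return ("UNAVAIL", None, None)
    if source == "myhostname":                   # only the localhost case is modelled here
        return ("SUCCESS", "127.0.0.1", None) if name == "localhost" else ("NOTFOUND", None, None)
    return ("UNAVAIL", None, None)               # unknown module: glibc skips it

def resolve(name, nss_line=SAMPLE_NSSWITCH, hosts_text=SAMPLE_HOSTS,
            resolv_text=SAMPLE_RESOLV, network=None):
    """Walk the hosts: sources in order; return who answered, where, and the trail taken."""
    hosts, resolv, network = parse_hosts(hosts_text), parse_resolv(resolv_text), network or {}
    trail = []
    for source, actions in parse_nss_hosts(nss_line):
        status, addr, server = query_source(source, name.lower(), hosts, resolv, network)
        trail.append((source, status))
        if actions.get(status, "continue") == "return":
            return {"answered_by": source if status == "SUCCESS" else None,
                    "address": addr, "server": server, "trail": trail}
    return {"answered_by": None, "address": None, "server": None, "trail": trail}

def uses_dns(name, **kw):
    """True if the walk reaches the dns module, i.e. a query would leave the resolver."""
    return any(src == "dns" for src, _ in resolve(name, **kw)["trail"])

if __name__ == "__main__":
    for n in ("patchsrv", "www.linuxquestions.org", "patchsrv2", "printer.local"):
        print(n, "->", resolve(n, network=DEMO_NETWORK))
```

One caveat worth keeping in mind when reading the `dig` output later in the thread: dig, host and nslookup read resolv.conf themselves and never consult nsswitch.conf, so a SERVER line from dig proves the box can reach that nameserver, not that libc-linked programs use it. `getent ahosts <name>` goes through the same walk this model simulates and is the better check for what applications actually do.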
 
Old 07-26-2015, 07:14 AM   #9
jpollard
Quote:
Originally Posted by wpeckham
I recommend against using remote mounts, either NFS or CIFS. We ran into this recently: one machine had a rogue program that encrypted files. That was not optimal, but anything remote that it had mounted was also encrypted. Local things could be decrypted, but the remote machines lost the ability to use the files on the mounts. Recovery was far less painful than explaining the downtime to management!

Remote mounting multiplies risk.

I am converting everything I am allowed to use rsync, scp, or sftp. Luckily, I had most functions on those already.

My best advice: don't go there.
The big problem with that is you now need a LOT more disks... replicated on every system. The purpose of the remote mounts is to share free space: that which is unused on one system can be utilized by another. Without that sharing you have to have the worst-case size on every system.

You also complicate backups... Basically, you are depending on (usually) a daily update...

And it still doesn't prevent encrypted files from being copied to the server destroying the originals.
 
Old 07-27-2015, 05:26 AM   #10
wpeckham
Jpollard: actually, almost none of that is true for my situation. There is no database transferring over remote mounts (except in one possible case), and while a transferred file might be encrypted, that is isolated to that one file and not the entire filesystem. The disk population will not change, and most of my disk is on SAN in any case.

All of this is important to discuss, and might pertain to the IP, but does not pertain to the question.

To the OP:
There may be things going on that make populating the resolv.conf file wise. We are not the admin who did the work, so we can only surmise. Removing it might cause something to fail at once, or might cause subtle issues (performance issues, perhaps) that would not bring themselves to your attention for some time.

Obviously if you really want to eliminate resolv.conf you CAN. I am not sure why you would WANT that, but it is doable. Does it HURT anything to use resolv.conf? I see better reasons for running an extra bind server or two to give me central management of the IP domain, but I have a few hundred machines to manage. If you have only a few, that central control may not mean as much.

My question for you is "why eliminate resolv.conf and disable bind lookups?". What exactly does that gain you?
 
Old 07-27-2015, 07:23 AM   #11
jpollard
Quote:
Originally Posted by wpeckham
Jpollard: actually, almost none of that is true for my situation. There is no database transferring over remote mounts (except in one possible case), and while a transferred file might be encrypted, that is isolated to that one file and not the entire filesystem. The disk population will not change, and most of my disk is on SAN in any case.
Any file transferred may be encrypted. If it is being used for a "shared backup of local files", then the entire filesystem can be damaged.

Since the disk is on a SAN it is already available to possible damage. If it wasn't, then it wasn't before.

Oh, and if you didn't have to add disk, you were already oversupplied.

 
Old 07-27-2015, 09:34 AM   #12
JockVSJock
Quote:
Originally Posted by Aia
I am not quite sure what the end point is in what you are trying to do. Are you trying to verify that the Linux server is not using those DNS servers in /etc/resolv.conf?

I'm a new Linux sysadmin, and the other sysadmins I work with are telling me that there are no DNS services for any of the Linux servers that I maintain and manage. They don't manage these servers and are not familiar with Linux at all.

I'm basically learning here by trial and error, asking questions on this forum along with searching on the Internet.

I did what you said, and it does look like the Linux servers are using the Windows DNS servers to get DNS info.

Code:
[JockVSJock@Linux_Server etc]$ dig www.linuxquestions.org

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.2 <<>> www.linuxquestions.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21063
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.linuxquestions.org.                IN      A

;; ANSWER SECTION:
www.linuxquestions.org. 246     IN      A       75.126.162.205

;; Query time: 78 msec
;; SERVER: xxx.xx.xxx.xx#53(xxx.xx.xxx.xx)
;; WHEN: Mon Jul 27 09:19:17 2015
;; MSG SIZE  rcvd: 56

[JockVSJock@Linux_Server etc]$

Now I looked at the /etc/nsswitch.conf file on that same server and don't see any specific values populated on it (tried to pull up the man page for either man nsswitch and/or man 5 nsswitch.conf and neither worked).

So in short, for my Linux machines to talk to each other, since we aren't using any directory services like OpenLDAP, I will continue to populate /etc/hosts and can use the Windows DNS IP addresses in /etc/resolv.conf to talk to the outside world.

thanks
 
Old 07-27-2015, 09:37 AM   #13
JockVSJock
Quote:
Originally Posted by wpeckham

I am converting everything I am allowed to use rsync, scp, or sftp. Luckily, I had most functions on those already.
I'm finding NFS to be problematic, even in my home labs where I'm trying to get it to work on test Linux machines. There always seems to be something wrong and I know that I can always use scp.
 
Old 07-27-2015, 05:12 PM   #14
jpollard
Quote:
Originally Posted by JockVSJock
I'm finding NFS to be problematic, even in my home labs where I'm trying to get it to work on test Linux machines. There always seems to be something wrong and I know that I can always use scp.
I find anything else to be problematic (scp is slow, as is rsync or sftp, and requires manual activity, though they can be scripted, they still aren't timely).

For Linux, UNIX, Macs... NFS is the easiest and simplest.

The only times I've found it not working is when:
1. the client doesn't enable/activate NFS use
2. the firewall blocks it.

It has been working quite well for about 25 years. NFS v4 has the best recovery (just exercised it, by rebooting a server. The client hung for about 15 seconds until the NFS services on the server started). No problems, no issues... they just continue functioning.

gluster is supposed to be a bit faster (it can use userspace for expanded buffering, and uses write through for data safety), but I haven't used it yet.

 
Old 07-27-2015, 09:50 PM   #15
wpeckham
Agree, and not so much...

Sorry jpollard, I agree with JockVSJock here. I like using NFS, but it has proven unreliable over the long run. I can always make it work for the short term, but it fails unexpectedly and generally at just the wrong time.

Your point about any file transferred can be encrypted (or corrupted, my add) is taken. Over a mount though, the entire tree becomes vulnerable as compared to only files triggering a transfer for the other options. I understand your assessment of risk, but will go with my own.

Let us close that by agreeing to disagree on that subject: it was a subtext in this conversation anyway.

The important thing is that the OP got his answer, his Linux servers ARE using his DNS servers for nodes NOT in the hosts files with which they may need to communicate. Thus, removing or clearing the resolv.conf file MAY have unfortunate consequences. He might still try that, I hope if he does that he will update this thread with the results!
