Entry in /etc/hosts not used

Bill Moran wmoran at potentialtech.com
Thu Jun 12 06:11:02 PDT 2003 

Roger Merritt wrote:
> I've been trying to install a Content Management System for evaluation 
> purposes. The system needs to have some virtual domains set up and the 
> docs recommend putting the dummy addresses in the /etc/hosts file. 
> That's fine by me, because I use /etc/hosts for all the DNS queries for 
> machines on my LAN, but I had not realized a single IP address could 
> resolve to more than one name. The entries in /etc/hosts are:
> 
> 10.3.16.125     editor.imp.ac.th        editor
> 10.3.16.125     www.imp.ac.th           www
> 10.3.16.125     admin.imp.ac.th         admin
> 10.3.16.125     su.imp.ac.th            su
> 
> My resolv.conf file is:
> 
> domain  imp.ac.th
> nameserver      202.21.144.1
> 
> My host.conf file is:
> 
> # $FreeBSD: src/etc/host.conf,v 1.6 1999/08/27 23:23:41 peter Exp $
> # First try the /etc/hosts file
> hosts
> # Now try the nameserver next.
> bind
> # If you have YP/NIS configured, uncomment the next line
> # nis
> 
> At this point, I'm baffled. Apache is running on the machine that acts 
> as the server for the office lan as well as the gateway to the internet. 
> I have two NIC's, ed0 set as 203.151.134.xxx, and ed1 set as 10.3.16.125.
> 
> If I set all four names to the IP address 203.151.134.xxx, I'm able to 
> ping three of them from machines on my LAN, but not editor.imp.ac.th. 
> When I set the four names to the IP address 10.3.16.125, I'm not able to 
> ping any of them from the LAN. When I changed the entries in /etc/hosts 
> back to 10.3.16.125, I'm still able to ping admin, www, and su, but ping 
> shows their addresses as still being 203.151.134.xxx!

Huh?  I don't understand your explanation of the symptoms.

I can say that you've got a complex setup there.  You didn't post anything
about your nat configuration and firewall rules, but those will have a
great impact on how this thing behaves.  If you can afford it, setting
up seperate machines for the web server and the nat will make life easier.

You also claim that you can/can't ping things from other machines on the
network.  What are these machines?  And do they have the same resolver
configuration as this machine?  Are you sure?

> When I point my browser (Mozilla, 1.3.1) at www, admin, or su.imp.ac.th, 
> it displays the root document from the Content Management System I'm 
> trying to configure, but it gives me an error message, "editor.imp.ac.th 
> could not be found, please check and try again".

That's pretty strange.  Grab a copy of Ethereal and sniff the communication
between the two machines, I'm sure the results will be enlightening.  (Which
means I'm not sure why it's doing this, but experience tells me you'll say
"Huh? Look at that" once you've seen the Ethereal capture)

> I'm baffled and haven't been able to find anything from Google searches. 
> I don't understand why the name editor.imp.ac.th is being treated 
> differently from the other three, and I don't understand why I can ping 
> the interface *not* in my LAN but not the interface that directly 
> connects with the machines in my LAN.

Firewall/nat rules, I would guess.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com

More information about the freebsd-questions mailing list