The /etc/hosts file

In order to send network traffic to a host, the numeric Internet Protocol (IP) address for that host must be known. The IP address is traditionally written as xxx.xxx.xxx.xxx where each xxx represents a value from 0 to 255, for an IPv4 network address (the same approach is appliable also to an IPv6 network). Computers require these addresses but humans find remembering numeric values difficult. The Domain Name Service (DNS) provides a mechanism to associate one or more alphanumeric names with a numeric IP address.

As your machine gets started, it will need to know the mapping of some hostnames to IP addresses before DNS can be referenced. This mapping is kept in the /etc/hosts file. In the absence of a name server, any network program on your system consults this file to determine the IP address that corresponds to a host name.

Following is a sample /etc/hosts file:

The leftmost column is the IP address to be resolved. The next column is that host's name. Any subsequent columns are alias for that host. In the first line, for example, the IP address 127.0.0.1 is for the localhost common name.

After you are finished configuring your networking files, don't forget to restart your network for the changes to take effect.

[root@deep] /# /etc/rc.d/init.d/network restart


Setting network parameters		 [  OK  ]
Bringing up interface lo		 [  OK  ]
Bringing up interface eth0	         [  OK  ]
Bringing up interface eth1	         [  OK  ]

Important: Time out problems for telnet or ftp connection are often caused by the server trying to resolve the client IP address to a DNS name. Either DNS isn't configured properly on your server or the client machines aren't known to DNS.

If you intend to run telnet or ftp services on your server, and aren't using DNS, don't forget to add the client machine name and IP in your /etc/hosts file on the server or you can expect to wait several minutes for the DNS lookup to time out, before you get a login: prompt.

Associating Host Names And IP Addresses

So, now let's recap the structure of an hosts file. For each host a single line should be present with the following information:

IP_address canonical_hostname [aliases ...]

Fields of the entry are separated by any whitespace (spaces or tabs). The first field is the numeric IP address to be used for all the host names on this entry. Either an IPv4 address (10.1.2.3), an IPv6 address (2001:0db8:0000:0000:0000:0000:1428:57ab), or an IPv6 abbreviation (::1) may be used, depending on your requirements.

After the IP address, remaining tokens specify the locally-known hostnames associated with that IP address. By convention, the first name after the IP address is the canonical or fully-qualified domain name. An example of a canonical name would be server.example.com; this is the official name of the host.

Any remaining names defined for the IP address are aliases or alternate names for the official host name. For example, suppose that one of the duties assigned to server.example.com is to be the corporate FTP site. A suitable alias might then be sample.example.com and this name could be added to the /etc/hosts entry after the canonical name. Many times, an alias is simply the host name, without any domain suffix. For example:

192.168.10.12 server.example.com sample.example.com myserver myserverftp

The advantage to listing the canonical host name as the first definition on the line is that IP-to-hostname conversion (similar to reverse DNS lookups) usually display only the first name found; convention uses the canonical name for this. In our example, the command:

$ ping myserverftp
PING sample.example.com (192.168.10.12) 56(84) bytes of data.
64 bytes from sample.example.com (192.168.10.12): icmp_seq=1 ttl=64 time=0.023 ms
64 bytes from sample.example.com (192.168.10.12): icmp_seq=2 ttl=64 time=0.028 ms
64 bytes from sample.example.com (192.168.10.12): icmp_seq=3 ttl=64 time=0.028 ms

Note that we pinged myserverftp but results come from host sample.example.com: this is a reliable hint that you are addressing an alias, not the actual host.

/etc/hosts priority over DNS

The priority of name resolution on Linux systems is dictated by the NSS (Name Service Switch) configuration, i.e. /etc/nsswitch.conf file's hosts directive. For example, on a RHEL/Centos system:

hosts:    files mdns4_minimal [NOTFOUND=return] dns

Here, files refers to the /etc/hosts file, and dns refers to the DNS system. By default, the hosts file will be used first.