man pages section 4: File Formats

resolv.conf(4)

NAME | DESCRIPTION | SUMMARY OF TRUSTED SOLARIS CHANGES | FILES | SEE ALSO

NAME

resolv.conf- Configuration file for name server routines

DESCRIPTION

This file helps initialize routines from the resolver(3RESOLV) C library. The resolver routines provide access to the Internet Domain Name System.

The resolver configuration file contains information that is read by the resolver routines the first time a process calls them. The file is designed to be human readable and contains a list of keyword-value pairs that provide various types of resolver information. Keyword-value pairs are of the form:

keyword value

The different configuration options are:

nameserver address

Specifies the Internet address in dot-notation format of one name server to which the resolver should direct any queries. Up to MAXNS (currently three) name servers may be listed, on as many as MAXNS nameserver lines in resolv.conf. If multiple servers are specified, the resolver routines query them in the order listed. If no nameserver lines are present in the file, resolver routines use the name server on the local machine.

The algorithm of the resolver routines is: try the first name server specified. If the query times out, try the next server listed in the configuration file, and so on until the complement of servers there has been exhausted. If those queries also time out, try the full complement of name servers again, until the maximum number of retry passes has been made.

domainname

Specifies a local domain name for use as the default domain.

Most queries for names within a domain can use short names relative to the local domain. If a domain line is missing from the configuration file, the domain is determined from the environment variable, LOCALDOMAIN, if it is defined, from the domain name (see domainname(1M)) by omitting the first level, or from the host name ( gethostname(3C)) by using everything after the first dot. Finally, if the host name does not contain a domain part, the root domain is assumed.

searchsearchlist

Specifies a search list for host-name lookup. The search list is normally determined from the local domain name; by default, it contains only the local domain name. This may be changed by listing the desired domains for searches in searchlist. Spaces or tabs must separate domain names.

Most resolver queries are attempted using each component of the search path in turn until a match is found. Note that this process may be slow and will generate a lot of network traffic if the servers for the listed domains are not local. Also queries will time out if no server is available for one of the domains.

The search list is currently limited to six domains with a total of 256 characters.

sortlistaddresslist

Causes addresses returned by gethostbyname(3NSL)to be sorted in accordance with local rules. A sortlist is specified by IP address netmask pairs. The netmask is optional and defaults to the natural netmask of the net. The IP address and optional network pairs are separated by slashes. Up to 10 pairs may be specified. For example, the following specification requires gethostbyname() to return the netmask pair 130.155.160.0/255.255.240.0 ahead of the IP address 130.155.0.0.

sortlist
130.155.160.0/255.255.240.0
130.155.0.0

optionsoptionlist

Specifies optional behaviors for various resolver routines in accordance with optionlist values, each of which is equivalent to an internal resolver variable.

The values that may be included as individual optionlist values are:

debug: Sets RES_DEBUG in the _res.options field.
ndots:n: Sets a floor threshold for the number of dots which must appear in a name given to res_query() (see resolver(3RESOLV)) before an initial absolute (as-is) query is performed. The default for n is 1. Thus, if there are any dots in a name, the name is tried first as an absolute name before any search-list domain names are appended to it.
retry:n: Sets the number of attempts made to connect to each name server. While retry:0 is allowed, it is equivalent to retry:1. The default is 4.
retrans:n: Sets the basic retransmit timeout, in seconds. The default is 5. An exponential backoff algorithm is used, so the default values for retry and retrans result in 5+10+20+40=75 seconds of total timeout for each name server. While retrans:0 is allowed, it is equivalent to retrans:1.

The domain and search keywords are mutually exclusive. If more than one instance of these keywords is present, the last instance takes precedence.

The options established through any search lines in the local resolv.conf file can be overridden on a per-process basis by setting the environment variable, LOCALDOMAIN, to a space-separated list of search domains.

The options established through any options lines in the local resolv.conf file can be amended on a per-process basis by setting the environment variable, RES_OPTIONS, to a space-separated list of resolver options, These options are listed above under the options keyword.

The keyword-value pair must appear on a single line, and the keyword (for instance, nameserver) must start the line. The value or value list follows the keyword, separated from it by white space characters.

To protect /etc/resolv.conf from unauthorized modification, it must have a sensitivity label of ADMIN_LOW. The DNS name servers specified in these files can reside on either Trusted Solaris hosts or non-trusted hosts. Administrators are advised to configure only DNS name servers on Trusted Solaris hosts in the /etc/resolv.conf file.

SUMMARY OF TRUSTED SOLARIS CHANGES

/etc/resolv.conf must have a sensitivity label of ADMIN_LOW.

FILES

/etc/resolv.conf: Configuration file for name server routines.

Trusted Solaris 8 Reference Manual

in.named(1M), resolver(3RESOLV)

SunOS 5.8 Reference Manual

gethostbyname(3NSL), gethostname(3C)

Vixie, Paul;Dunlap, Keven J., Karels, Michael J., Name Server Operations Guide for BIND (public domain), Internet Software Consortium, 1996.

Trusted Solaris 8 Last Revised 9 Sep 1997

NAME | DESCRIPTION | SUMMARY OF TRUSTED SOLARIS CHANGES | FILES | SEE ALSO