how to edit /etc/hosts file to resolve domain name to local IP address?


Post by gkdsp » 2012/03/27 01:17:58

Hi, is there a way I can edit my /etc/hosts file to resolve the hostname to a local network IP address? Currently the /etc/hosts file only has the external IP address there, with a bunch of variations for the host name.

For example, I have two servers comprising a local network. One server is host2@mydomain.com at 192.168.0.1 and the other is host3@mydomain.com at 192.168.0.2.

The servers will still need to accept and work with external networks using their hostnames, as done currently. But, additionally I want traffic on the local network using hostnames of host2@mydomain.com and host3@mydomain.com to be recognized as on the local network and revert to IP addresses of the local network rather than use the external IP addresses (which would send the traffic onto the external network and make for a much larger distance to travel) when talking to each other.

The situation I'm experiencing is, host2@mydomain.com receives incoming traffic from host3@mydomain.com, and rather than use the local IP address to send traffic back, host2@mydomain.com sends traffic back to host3@mydomain.com using host3@mydomain.com hostname.

Can /etc/hosts be edited such that traffic received on host2@mydomain.com from host3@mydomain.com is sent back to host3@mydomain.com using the local IP address of 192.168.0.2? If so, I'll change it similarly on both servers.

Is there anything special I need to do to ensure ALL applications revert to the local IP addresses when communicating to each other on the local network? Some applications, like Oracle database, can only use a hostname with external IP address, and so there's no option to include the local IP address. I'm hoping /etc/hosts can achieve this for me. Thanks in advance for any comments.
gkdsp
 
Posts: 16
Joined: 2012/02/15 20:40:20

Re: how to edit /etc/hosts file to resolve domain name to local IP address?

Post by gkdsp » 2012/03/27 11:08:51

The above is a generic request for how to set up the servers so their applications always communicate with each other using local IP addresses. This question was prompted by the following situation (that the answer must address):

A particular application vendor has a product A on serverA (at 192.168.0.1), and a product B on serverB (at 192.168.0.2).
Product B knows to talk to Product A on port 12356, but the firewall on serverA only opens port 12345 for 192.168.0.2 using the following code in serverA's csf.allow file:

tcp:in:d=12345:s=192.168.0.2
tcp:out:d=12345:s=192.168.0.2
tcp:in:d=12345:s=192.168.0.1
tcp:out:d=12345:s=192.168.0.1

The thinking for opening port 12345 for only 192.168.0.2 is that this port's use is only intended for the two servers to talk to each other (no traffic from the outside world ever needs to use this port).

When the applications first talk to each other, Product A (as part of its message data) tells Product B that its host name is host2.mydomain.com.
Nothing I can do inside the application can change this.
Thus, when Product B sends traffic to Product A on serverA, Product B uses host2.mydomain.com:12345, which gets blocked by the firewall.

Could I place the following line in serverB's /etc/hosts file?

192.168.0.1 host2.mydomain.com

The thinking being that, when Product B sends traffic to host2.mydomain.com:12345, somehow serverB automagically routes it to 192.168.0.1:12345 instead of host2.mydomain.com:12345?

Alternatively I could open up the firewall on serverA port 12345 to accept traffic being sent to host2.mydomain.com by adding to the csf.allow file on serverA the following,

tcp:in:d=12345:s=xxx.xxx.xxx.xxx
tcp:out:d=12345:s=xxx.xxx.xxx.xxx

or, I don't know if this is the right format, but something like,

tcp:in:d=12345:s=host2.mydomain.com
tcp:out:d=12345:s=host2.mydomain.com

(where xxx.xxx.xxx.xxx is the external IP address for serverA, which the /etc/hosts file on serverA resolves to host2.mydomain.com) but this doesn't follow the main intention which is to keep all traffic between the two servers on the local network. For example, if serverB sends traffic to serverA using address host2.mydomain.com:12345 I worry that this traffic will get routed through the external internet before arriving at serverA, which should be prevented (hopefully by some possible modification to /etc/hosts on one or both of the servers).
gkdsp
 
Posts: 16
Joined: 2012/02/15 20:40:20

how to edit /etc/hosts file to resolve domain name to local

Post by pschaff » 2012/03/27 20:56:42

That all seems rather confusing to me. If you have Internet accessible hostnames, such as host3.mydomain.com, that are connecting to systems with non-routing private addresses like 192.168.0.2, then you are apparently using port forwarding through a router to accomplish that. Trying to use the same external hostnames for local access on the LAN is bound to lead to confusion. The way I would go about it is to create distinct names on the LAN for local access, such as host3.mylan at 192.168.0.2. This could be done either through /etc/hosts or by use of a local DNS server, possibly using DHCP by MAC address.

An entry for the /etc/hosts approach would look like:
192.168.0.2    host3.mylan   host3

Internal systems could refer to the system as host3.mylan or host3.
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America

Re: how to edit /etc/hosts file to resolve domain name to local IP address?

Post by sarmed » 2012/03/28 04:42:43

Have you considered iptables? A DNAT might do the trick. I'm not quite sure, but you may try the following line (I'm assuming they're not mission critical servers and both use TCP)

[root@ServerB ] # iptables -t nat -A OUTPUT -d 192.168.0.1 -p tcp --dport 12345 -j DNAT --to 192.168.0.1:12356

Hope it helps.
sarmed
 
Posts: 16
Joined: 2012/03/27 04:26:42
Location: Dhaka, Bangladesh

Re: how to edit /etc/hosts file to resolve domain name to local IP address?

Post by vanecka » 2012/04/17 22:16:45

It is possible but could be a bit confusing to maintain.
Ensure that you edit the /etc/hosts files on both servers, e.g.:
192.168.0.1 host2.mydomain.com host2
192.168.0.2 host3.mydomain.com host3
...
...

Also ensure that the configuration files (/etc/nsswitch.conf) on both servers contain the line:
hosts: files dns

This will ensure that the IP address will be looked up in /etc/hosts and, if it is not in the file, an nslookup will be done against your configured (/etc/resolv.conf) name server.
However, if someone connects from outside your domain/network, host2.mydomain.com will resolve to the public IP address. Local traffic should then go through the private interfaces.

To test it, try to ping the host name; it should resolve to the private IP.
vanecka
 
Posts: 27
Joined: 2010/01/28 21:05:11
Location: University of the Free State - South Africa
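
The check described in the last reply (name pinned in /etc/hosts, `files` listed before `dns`) can be scripted. This is an added example, not code posted in the thread: the function names are hypothetical, the file contents are constructed samples, and 203.0.113.10 is a documentation placeholder for the public address.

```shell
# Constructed sample files (not from a real server); on a live host point the
# checks at /etc/hosts and /etc/nsswitch.conf instead.
WORK=$(mktemp -d); trap 'rm -rf "$WORK"' EXIT
cat > "$WORK/hosts" <<'EOF'
127.0.0.1   localhost localhost.localdomain
# 203.0.113.10 host2.mydomain.com   (public entry commented out; placeholder IP)
192.168.0.1 host2.mydomain.com host2   # serverA, private address
192.168.0.2 host3.mydomain.com host3
EOF
printf 'passwd: files\nhosts:  files dns\n' > "$WORK/nsswitch.good"
printf 'hosts: dns files\n' > "$WORK/nsswitch.bad"

# Print the first address in hosts file $1 whose name or alias equals $2.
hosts_lookup() {
    awk -v name="$2" '
        { sub(/#.*/, "") }                       # drop comments
        NF >= 2 { for (i = 2; i <= NF; i++)
                      if (tolower($i) == tolower(name)) { print $1; exit } }
    ' "$1"
}

# Succeed only if the hosts: line of nsswitch file $1 lists files before dns.
files_before_dns() {
    awk '$1 == "hosts:" { for (i = 2; i <= NF; i++) {
                              if ($i == "files") f = i
                              if ($i == "dns")   d = i }
                          found = 1; exit }
         END { exit !(found && f && (!d || f < d)) }' "$1"
}

# Succeed if $1 is in 10/8, 172.16/12 or 192.168/16.
is_rfc1918() {
    case "$1" in
        10.*|192.168.*) return 0 ;;
        172.*) o=${1#172.}; o=${o%%.*}
               [ "$o" -ge 16 ] 2>/dev/null && [ "$o" -le 31 ] ;;
        *) return 1 ;;
    esac
}

# usage: check_pinned NAME HOSTS_FILE NSSWITCH_FILE
check_pinned() {
    ip=$(hosts_lookup "$2" "$1")
    [ -n "$ip" ]          || { echo "FAIL: $1 not in $2"; return 1; }
    is_rfc1918 "$ip"      || { echo "FAIL: $1 -> $ip is not private"; return 1; }
    files_before_dns "$3" || { echo "FAIL: dns is consulted before files"; return 1; }
    echo "OK: $1 -> $ip via files"
}
check_pinned host2.mydomain.com "$WORK/hosts" "$WORK/nsswitch.good"
```

On the live servers, `getent hosts host2.mydomain.com` confirms the result through the same NSS path applications use; `nslookup` queries DNS directly and does not read /etc/hosts.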

