Edit: Still worth putting thought into.
Originally posted February 3, 2015 on AIXchange
About a month ago this discussion hit the AIX mailing list. I’m posting the thread here to get your feedback.
First, the original question:
“Date: Tue, 6 Jan 2015 15:41:01 -0600
From: Russell Adams
Subject: Hostname as short name or FQDN?
Here’s a great question for the brain trust:
Which is actually the correct best practice for host names? The host name as a fully qualified domain name, or a short name?
Supporting documentation required! Thanks.”
And a reply:
“Date: Tue, 6 Jan 2015 22:25:52 +0000
From: Davignon, Edward
Subject: Re: Hostname as short name or FQDN?
Russell,
That is a really good question!
According to “man mktcpip”:
-h HostName
Sets the name of the host. If using a domain naming system, the domain and any subdomains must be specified. The following is the standard format for setting the host name:
hostname
The following is the standard format for setting the host name in a domain naming system:
hostname.subdomain.subdomain.rootdomain
That being said, many sites use only the short name for the hostname.
Also keep in mind that “/etc/rc.net” sets the node name (uname -n) to the short name and the hostid based on the hostname (actually its IP address as resolved). “/etc/rc.net” sets the hostname based on the name for inet0 in the ODM.
It also brings up the questions of how to best configure names and aliases in “/etc/hosts” and how best to configure these in DNS or other naming services, so they match gethostbyaddr. Some related files are “/etc/resolv.conf”, “/etc/irs.conf”, and “/etc/netsvc.conf”. It has long plagued the community when gethostbyaddr (or gethostbyname) return different responses on the database server and the application server, because /etc/hosts does not match DNS.
I ran into a problem with this once with an early version of the DataGuard installer from Oracle. It got confused, since it did not have the FQDN in the hostname. The Oracle install guide clearly stated that the FQDN was required. This was the only time I have seen this matter.
Since we often cannot control data returned by naming services, it may be better to make sure gethostbyaddr or gethostbyname (i.e. the “host” command) return the same thing on all of the servers that use the hostname of the server you are configuring.
From “man uname”: “-n” Displays the name of the node. This may be a name the system is known by to a UUCP communications network.”
Now, Russell’s reply to Edward:
“Date: Tue, 6 Jan 2015 16:32:29 -0600
From: Russell Adams
Subject: Re: Hostname as short name or FQDN?
A short hostname includes an empty subdomain.
I always use a short name, and then set domain in /etc/resolv.conf and ensure that the FQDN and short name are in /etc/hosts so reverse lookups fetch it.”
And finally, another reply from Edward:
“Date: Wed, 7 Jan 2015 14:58:54 +0000
From: Davignon, Edward
Subject: Re: Hostname as short name or FQDN?
A related question is how should /etc/hosts and DNS be configured for reverse lookups (i.e. lookups by address)?
Should /etc/hosts have “ipaddr fqdn shortname” or “ipaddr shortname fqdn”? Likewise for DNS, should the reverse lookup return “fqdn” or “shortname” or alternate using round robin?
I pose these as questions, but they are really things to check when troubleshooting applications that rely on name resolution.
DNS can be queried directly using “dig” or “nslookup”.
I have seen numerous misconfigured /etc/hosts files that don’t match DNS for reverse lookups. I have also seen DNS servers return “shortname” instead of “fqdn”. I have seen DNS alternate “fqdn” or “shortname”. I have also seen DNS return wrong domainnames, too.
Usually the problem I see is /etc/hosts has “ip shortname” or “ip shortname fqdn”, but DNS reverse lookups return “fqdn”. This causes inconsistency between the local server and the remove (app) servers, usually resulting in inconsistency of access controls between app servers, or an app server and its database server. This can also happen when someone changes /etc/netsvc.conf from empty to “hosts=local,bind4”. I use “grep ‘^[^#]’ /etc/netsvc.conf” to check it; it grabs non-blank lines that don’t start with a comment character.”
The discussion died out at this point, but it got me wondering what my readers typically do. I prefer to use a shortname for the host, and then make sure /etc/resolv.conf is set up correctly. Would any of you care to make an argument for having a FQDN in your environment?