TCP/IP Configuration Files on a Linux Operating System

By Emmett Dulaney

You can configure TCP/IP networking when you install Linux. If you want to manage the network on a Linux system effectively, however, you need to become familiar with the TCP/IP configuration files so that you can edit the files, if necessary. (If you want to check whether the name servers are specified correctly, for example, you have to know about the /etc/resolv.conf file, which stores the IP addresses of name servers.)

The table below summarizes the basic TCP/IP configuration files.

Basic TCP/IP Network Configuration Files

This File             Contains the Following
/etc/hosts            IP addresses and host names for your local network as well as any other systems that you access often
/etc/networks         Names and IP addresses of networks
/etc/host.conf        Instructions on how to translate host names into IP addresses
/etc/resolv.conf      IP addresses of name servers
/etc/hosts.allow      Instructions on which systems can access Internet services on your system
/etc/hosts.deny       Instructions on which systems must be denied access to Internet services on your system
/etc/nsswitch.conf    Instructions on how to translate host names into IP addresses

A pound sign (#) in a text file indicates a comment.

/etc/hosts on a Linux system

The /etc/hosts text file contains a list of IP addresses and host names for your local network. In the absence of a name server, any network program on your system consults this file to determine the IP address that corresponds to a host name. Think of /etc/hosts as the local phone directory where you can look up the IP address (instead of a phone number) for a local host.

Here’s the /etc/hosts file from a system, showing the IP addresses and names of other hosts on a typical LAN:

127.0.0.1 localhost localhost.localdomain
# Other hosts on the LAN
192.168.0.100 lnbp933
192.168.0.50 lnbp600
192.168.0.200 lnbp200
192.168.0.233 lnbp233
192.168.0.40 lnbp400

As the example shows, each line in the file starts with an IP address followed by the host name for that IP address. (You can have more than one host name for any given IP address.) In some distributions, such as openSUSE, each line of the /etc/hosts file has the following format: IP-Address, Fully-Qualified-Hostname, Short-Hostname. In all cases, anything after the host name (such as Short-Hostname) is taken to be an alias.
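Because /etc/hosts can be consulted before any name server, a review of the file should catch malformed lines and names that map to more than one address. The following parser is an added example, not part of the original article; the function names and the sample file (the article's entries plus one conflicting and one malformed line) are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: the article's format plus a conflicting alias and a bad line.
SAMPLE_HOSTS = """\
127.0.0.1 localhost localhost.localdomain
# Other hosts on the LAN
192.168.0.100 lnbp933
192.168.0.50 lnbp600 fileserver   # alias after the host name
192.168.0.51 fileserver
not-an-ip lnbp999
"""

def parse_hosts(text):
    """Return (entries, errors); each entry is (ip, host_name, [aliases])."""
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # '#' starts a comment
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            errors.append((lineno, "invalid IP address: " + fields[0]))
            continue
        if len(fields) < 2:
            errors.append((lineno, "no host name after address"))
            continue
        entries.append((str(ip), fields[1], fields[2:]))
    return entries, errors

def names_with_conflicts(entries):
    """Map each name or alias that points at more than one address to those addresses."""
    seen = defaultdict(set)
    for ip, name, aliases in entries:
        for n in [name, *aliases]:
            seen[n.lower()].add(ip)   # host names are case-insensitive
    return {n: sorted(ips) for n, ips in seen.items() if len(ips) > 1}

if __name__ == "__main__":
    entries, errors = parse_hosts(SAMPLE_HOSTS)
    print("conflicts:", names_with_conflicts(entries))
    print("errors:", errors)
```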

/etc/networks on a Linux system

/etc/networks is another text file that contains the names and IP addresses of networks. These network names are commonly used in the routing command (/sbin/route) to specify a network by its name instead of by its IP address.

Don’t be alarmed if your Linux PC doesn’t have the /etc/networks file. Your TCP/IP network works fine without this file. In fact, the Linux installer doesn’t create a /etc/networks file.

/etc/host.conf on a Linux system

Linux uses a special library (collection of computer code) called the resolver to obtain the IP address that corresponds to a host name. The /etc/host.conf file specifies how names are resolved (that is, how the name gets converted to a numeric IP address). A typical /etc/host.conf file might contain the following lines:

order hosts, bind
multi on

The entries in the /etc/host.conf file tell the resolver what services to use (and in which order) to resolve names.

The order option indicates the order of services (in recent distributions, the nsswitch.conf file specifies this order instead). The sample entry tells the resolver to first consult the /etc/hosts file and then check the name server to resolve a name.

Use the multi option to indicate whether a host in the /etc/hosts file can have multiple IP addresses. Hosts that have more than one IP address are called multihomed because the presence of multiple IP addresses implies that the host has several network interfaces. (In effect, the host lives in several networks simultaneously.)

/etc/resolv.conf on a Linux system

The /etc/resolv.conf file is another text file used by the resolver — the library that determines the IP address for a host name. Here’s a sample /etc/resolv.conf file:

nameserver 192.168.0.1 # dhcp: eth0
search nrockv01.md.comcast.net

The nameserver line provides the IP addresses of name servers for your domain. If you have multiple name servers, list them on separate lines. They’re queried in the order in which they appear in the file.

The search line tells the resolver how to search for a host name. When you’re trying to locate a host name myhost, for example, the search directive in the example causes the resolver to try myhost.nrockv01.md.comcast.net first, then myhost.md.comcast.net, and finally myhost.comcast.net.

If you don’t have a name server for your network, you can safely ignore this file. TCP/IP still works, even though you may not be able to refer to hosts by name (other than those listed in the /etc/hosts file).

/etc/hosts.allow on a Linux system

The /etc/hosts.allow file specifies which hosts are allowed to use the Internet services (such as Telnet and FTP) running on your system. This file is consulted before certain Internet services start. The services start only if the entries in the hosts.allow file imply that the requesting host is allowed to use the services.

The entries in /etc/hosts.allow are in server:IP address format, where server refers to the name of the program providing a specific Internet service and IP address identifies the host allowed to use that service. If you want all hosts in your local network (which has the network address 192.168.0.0) to access the Telnet service (provided by the in.telnetd program), add the following line to the /etc/hosts.allow file (the last octet is left off to signify all possibilities within that range):

in.telnetd:192.168.0.

If you want to let all local hosts have access to all Internet services, you can use the ALL keyword and rewrite the line as follows:

ALL:192.168.0.

Finally, to open all Internet services to all hosts, you can replace the IP address with ALL, as follows:

ALL:ALL

You can also use host names in place of IP addresses.

To find out the detailed syntax of the entries in the /etc/hosts.allow file, type man hosts.allow at the shell prompt in a terminal window.

/etc/hosts.deny on a Linux system

The /etc/hosts.deny file is the opposite of /etc/hosts.allow. Whereas hosts.allow specifies which hosts may access Internet services (such as Telnet and TFTP) on your system, the hosts.deny file identifies the hosts that must be denied services. The /etc/hosts.deny file is consulted if no rules in the /etc/hosts.allow file apply to the requesting host. Service is denied if the hosts.deny file has a rule that applies to the host.

The entries in /etc/hosts.deny file have the same format as those in the /etc/hosts.allow file; they’re in server:IP address format, where server refers to the name of the program providing a specific Internet service and IP address identifies the host that must not be allowed to use that service.

If you already set up entries in the /etc/hosts.allow file to allow access to specific hosts, you can place the following line in /etc/hosts.deny to deny all other hosts access to any service on your system:

ALL:ALL

To find out the detailed syntax of the entries in the /etc/hosts.deny file, type man hosts.deny at the shell prompt in a terminal window.
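The evaluation order described in the hosts.allow and hosts.deny sections has a consequence that is easy to miss: a host that matches no rule in either file is allowed. The following sketch is an added example, not code from the original article or from the TCP wrappers library; it handles only the pattern forms shown above (ALL, an exact address, and a prefix ending in a dot), and the function names and sample addresses are constructed for illustration.

```python
import re

def parse_rules(text):
    """Return [(daemon_list, client_list)] from 'daemon_list:client_list' lines."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":", 2)[:2]
        rules.append((re.split(r"[\s,]+", daemons.strip()),
                      re.split(r"[\s,]+", clients.strip())))
    return rules

def _match(pattern, value, prefix=False):
    if pattern == "ALL":
        return True
    if prefix and pattern.endswith("."):   # "192.168.0." matches 192.168.0.x
        return value.startswith(pattern)
    return pattern == value

def matches(rules, daemon, client_ip):
    return any(any(_match(d, daemon) for d in daemons) and
               any(_match(c, client_ip, prefix=True) for c in clients)
               for daemons, clients in rules)

def decide(allow_text, deny_text, daemon, client_ip):
    """hosts.allow is checked first, then hosts.deny; no match at all means allow."""
    if matches(parse_rules(allow_text), daemon, client_ip):
        return "allow (hosts.allow)"
    if matches(parse_rules(deny_text), daemon, client_ip):
        return "deny (hosts.deny)"
    return "allow (no rule matched)"

def audit(allow_text, deny_text):
    """Flag wide-open allow rules and a missing catch-all deny rule."""
    findings = []
    for daemons, clients in parse_rules(allow_text):
        if "ALL" in clients:
            findings.append("hosts.allow: %s open to every host" % ",".join(daemons))
    if not any("ALL" in d and "ALL" in c for d, c in parse_rules(deny_text)):
        findings.append("hosts.deny: no ALL:ALL catch-all, unmatched hosts are allowed")
    return findings

# Constructed sample files built from the article's entries.
ALLOW = "in.telnetd:192.168.0.\n"
DENY = "ALL:ALL\n"

if __name__ == "__main__":
    for ip in ("192.168.0.77", "203.0.113.9"):
        print(ip, decide(ALLOW, DENY, "in.telnetd", ip))
    print(decide(ALLOW, "", "in.telnetd", "203.0.113.9"))   # empty hosts.deny
    print(audit("ALL:ALL\n", ""))
```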

/etc/nsswitch.conf on a Linux system

The /etc/nsswitch.conf file, known as the name service switch (NSS) file, specifies how services such as the resolver library, NIS, NIS+, and local configuration files (such as /etc/hosts and /etc/shadow) interact.

NIS and NIS+ are network information systems — another type of name-lookup service. Newer versions of the Linux kernel use the /etc/nsswitch.conf file to determine what takes precedence: a local configuration file, a service such as DNS (Domain Name System), or NIS.

As an example, the following hosts entry in the /etc/nsswitch.conf file says that the resolver library first tries the /etc/hosts file, then tries NIS+, and finally tries DNS:

hosts: files nisplus dns

You can find out more about the /etc/nsswitch.conf file by typing man nsswitch.conf in a terminal window.