nss-resolve
systemd
nss-resolve
8
nss-resolve
libnss_resolve.so.2
Hostname resolution via systemd-resolved.service
libnss_resolve.so.2
Description
nss-resolve is a plug-in module for the GNU Name Service Switch (NSS) functionality of the
GNU C Library (glibc) enabling it to resolve hostnames via the
systemd-resolved8 local network
name resolution service. It replaces the nss-dns plug-in module that traditionally resolves
hostnames via DNS.
To activate the NSS module, add resolve [!UNAVAIL=return] to the line starting
with hosts: in /etc/nsswitch.conf. Specifically, it is
recommended to place resolve early in /etc/nsswitch.conf's
hosts: line. It should be before the files entry, since
systemd-resolved supports /etc/hosts internally, but with
caching. To the contrary, it should be after mymachines, to give hostnames given to
local VMs and containers precedence over names received over DNS. Finally, we recommend placing
dns somewhere after resolve, to fall back to
nss-dns if systemd-resolved.service is not available.
Note that systemd-resolved will synthesize DNS resource records in a few cases,
for example for localhost and the current local hostname, see
systemd-resolved8 for
the full list. This duplicates the functionality of
nss-myhostname8, but
it is still recommended (see examples below) to keep nss-myhostname configured in
/etc/nsswitch.conf, to keep those names resolveable if
systemd-resolved is not running.
Please keep in mind that nss-myhostname (and nss-resolve) also resolve
in the other direction — from locally attached IP addresses to
hostnames. If you rely on that lookup being provided by DNS, you might
want to order things differently.
Communication between nss-resolve and
systemd-resolved.service takes place via the
/run/systemd/resolve/io.systemd.Resolve AF_UNIX socket.
Example
Here is an example /etc/nsswitch.conf file that enables nss-resolve
correctly:
passwd: compat systemd
group: compat [SUCCESS=merge] systemd
shadow: compat systemd
gshadow: files systemd
hosts: mymachines resolve [!UNAVAIL=return] files myhostname dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
See Also
systemd1,
systemd-resolved8,
nss-systemd8,
nss-myhostname8,
nss-mymachines8,
nsswitch.conf5