/etc/hosts usage (effectiveness) depends entirely on the /etc/nsswich.conf file as well as the /etc/resolv.conf file. All command like ping, telnet ftp, etc will call the hostname-to-IP resolver routines which in turn will follow the directions in the two files. If you do not have /etc/resolv.conf, then use nslookup to verify that the hostname is known in /etc/hosts. If you do have /etc/resolv.conf, then resolver behavior is more complicated:
1. No /etc/nsswitch.conf but /etc/resolv.conf exists, then use the DNS server(s) listed in the resolv.conf file.
2. If /etc/nsswitch.conf exists, then follow the rules in the line: hosts
The most commonly expected behavior is to look in /etc/hosts first and then try the DNS server(s), but this isn't the default in nsswitch.conf. Change the hosts: line to read:
hosts: files[NOTFOUND=continue UNAVAIL=continue] dns [NOTFOUND=return UNAVAIL=continue TRYAGAIN=return]
Now use nslookup to find various hostnames. nslookup will report where it was able to locate an IP for a given name. The two files mentioned are dynamic and examined on every lookup.
As far as NTP, don't try to configure NTP until you test the ability to reach your time servers (notice plural? always use 3 to 6 different time servers). Use the ntpq program to test the connection:
ntpq -p clock1.unc.edu
You will get two possible responses: failure to reach the target computer (almost always due to your firewall that has locked out port 123), or a list of the time servers used by this NTP server. If your network administrators won't allow port 123, ask them to configure NTP on the firewall so you can point your systems to the firewall for NTP service.
Once you have a working ntpq, edit the netdaemons file to reflect the default NTP server used to set the time at bootup:
export NTPDATE_SERVER=clock1.unc.edu
XNTPD=1
export XNTPD_ARGS=
Whern your system boots, clock1.unc.edu will set your time to the current time. Now being off by 5 hours is very unusual, so don't make any manual changes to the current date/time until you verify the timezone setting:
echo $TZ
This translates the only time kept on the system, GMT or UTC/Zulu time. If your TZ value does not your primary timezone, set it in the file /etc/TIMEZONE after looking at the manpage for tztab and the comments in tztab.
Now NTP will NOT change the time at all if the difference between your GMT/UTC setting is off by more than 1024 seconds (17 minutes). You can use the ntpdate command to force the date/time but make sure no programs are running that will get confused by the time change. A reboot eliminates this problem once you configure netdaemons with a valid NTP server.
Note that ping is no longer a dependable tool for Internet queries. Way too many hackers use ping to discover potential targets for destruction so prudent network administrators turn off ping responses, especially on specialized sites like NTP. ntpq is the query tool of choice.
Bill Hassell, sysadmin
