On Tue, 19 Jan 1999 10:02:29 +0000 
 Ronald Khoo <ronald@demon.net> wrote:

 > It depends upon your definition of "common usage".  My preferred definition
 > would be "what the reference implementation does", which, according to
 > http://www.isc.org/bog-4.9.4/bog-sh-7.html#sh-7.3 (latest HTML version
 > available at the reference site :-) is:
 > 
 >         If DNS available, use DNS only, else use files

Looks like you could do:

	hosts: dns [notfound=return] files

This is even given as an example in nsswitch.conf(5) (sort of; the manual
uses passwd and group and nis).  This works because there is an implicit
"unavail=continue" and "success=return" (this is also documented in the
manual page, BTW).

 > I don't see how to configure a nsswitch.conf to give me this 
 > behaviour which is arguably the correct one.  (I haven't
 > upgraded yet, but I assume that an NXDOMAIN response
 > to a "dns, files" configuration would still result in
 > a bogus value in /etc/hosts being returned ?)

No, it's not arguably the correct one... at least you wouldn't be able
to convince _me_ of that :-)  (For example, I use network-10 for some
test network interfaces, and I don't put their symbolic names in the
DNS at work... I just have /etc/hosts entries for them.)

 > If your system as a whole (resolver, dns servers, network etc)
 > is correctly configured, you should not get annoying
 > timeouts.  Much worse is the very real likelihood that data in
 > /etc/hosts that was once crucial and correct is now neither, and leads
 > to strange behaviour.  One assumes that if the machine is up, then the
 > /etc/hosts data that was used to get it up is correct :-) but anything
 > else in there is suspect.

The only thing I have in my /etc/hosts is the stuff needed to get the
machine up, plus the stuff I mentioned above. :-)

        -- Jason R. Thorpe <thorpej@nas.nasa.gov>