
Chapter 6. Configuring Hosts

6.2 Resolver Configuration

6.2.2 Search List

The primary DNS suffix and any connection-specific suffixes determine the default search list. The search list was designed to make users' lives a little easier by saving them some typing. The idea is to search one or more domains for incomplete names, that is, names that might not be fully qualified domain names.

Most Windows networking commands that take a domain name as an argument, such as ftp and ping, apply the search list to those arguments.

With the Windows 2000 resolver, a user can indicate that a domain name is fully qualified by adding a trailing dot to it.[21] For example, the trailing dot in the command:

C:\> ftp ftp.oreilly.com.

means "don't bother searching any other domains; this domain name is fully qualified." This is analogous to the leading backslash in full pathnames in the Windows filesystem. Pathnames without a leading backslash are interpreted as relative to the current working directory while pathnames with a leading backslash are absolute, anchored at the root.

The default search list includes the primary DNS suffix and any connection-specific suffixes. If the Append parent suffixes of the primary DNS suffix box is checked (see Figure 6-7), each of the primary DNS suffix's parent domains with two or more labels is also included in the default search list. So on a Windows 2000 host configured with a primary DNS suffix of cv.hp.com and the Append parent suffixes of the primary DNS suffix box checked, the default search list would contain first cv.hp.com, the primary DNS suffix, then hp.com (the primary DNS suffix's parent), but not com, as it has only one label.[22]

The search list is usually applied after the name is tried as-is. As long as the argument you type has at least one dot in it, it's looked up exactly as you typed it before any element of the search list is appended. If that lookup fails, the search list is applied. Why is it better to try the argument first if it contains one or more dots? From experience, people who wrote resolvers found that, more often than not, if a user bothered to type in a name with even a single dot in it, she was probably typing in a fully qualified domain name without the trailing dot. Better to see right away whether the name was a fully qualified domain name than to create nonsense domain names unnecessarily by appending the elements of the search list to it.

[21] Note that we said the resolver can handle a trailing dot. Some programs, particularly mail user agents, don't deal correctly with a trailing dot in email addresses. They cough even before they hand the domain name in the address to the resolver.

[22] One reason resolvers don't append just the top-level domain is that there are few hosts at the second level of the Internet's namespace, so just tacking on com or edu to foo is unlikely to result in the domain name of a real host. Also, looking up the address of foo.com or foo.edu might well require sending a query to a root name server, which taxes the roots and can be time-consuming.

Thus, a user typing:

C:\> telnet pronto.cv.hp.com

causes a lookup of pronto.cv.hp.com first since the name contains three dots, which is certainly more than one. If the resolver doesn't find an address for pronto.cv.hp.com, it then tries pronto.cv.hp.com.cv.hp.com, and, if necessary, pronto.cv.hp.com.hp.com. A user typing:

C:\> telnet asap

on the same host causes the resolver to look up first asap.cv.hp.com and then asap.hp.com, if necessary, but not just asap.

Note that application of the search list stops as soon as a prospective domain name finds the needed data. In the asap example, the search list would never get around to appending hp.com if asap.cv.hp.com resolved to an address.

6.2.2.1 Setting the search list manually

What if you don't like the default search list you get when you set your local domain? Windows lets you set the search list explicitly, domain name by domain name, in the order in which you want the domains searched. You do this with the Append these DNS suffixes (in order) field on the main resolver configuration window (Figure 6-8).

You can add as many domain names as you like to this field,[23] in the order in which you want them appended, and this becomes the host's search list. Setting the search list with Append these DNS suffixes (in order) overrides the default search list. The user interface is simple to use: click Add... to add a domain name to the list; select a domain name and click Remove to remove it from the list; or click Edit... to change the domain name. You can also use the Up and Down arrow buttons to reorder the list. The basic search algorithm still applies: the resolver looks up domain name arguments as-is if they contain at least one dot.

The settings shown in Figure 6-8, for example, instruct the resolver to search the corp.hp.com domain first, then paloalto.hp.com, then both domains' parent, hp.com.

23

Figure 6-8. A search order example

This setup might be useful on a host whose users frequently access hosts in both corp.hp.com and paloalto.hp.com. On the other hand, the configuration shown in Figure 6-9 has the resolver search only corp.hp.com (and not that domain's parent, hp.com) when the search list is applied.

This might be useful if the host's users access hosts only in the local domain or if connectivity to the parent name servers isn't good, because the configuration minimizes unnecessary queries to the parent name servers.

Figure 6-9. Another search order example
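
The search algorithm described in this section, for both the default and a manually set search list, written out as a short Python model that lists every domain name a given argument turns into. This is an added example, not code from the book or from Windows; the function names and the sample records are made up for illustration, and the position of connection-specific suffixes in the default list is an assumption.

```python
def default_search_list(primary_suffix, connection_suffixes=(), append_parents=True):
    """Build the default search list the section describes."""
    suffixes = [primary_suffix]
    # Assumption: connection-specific suffixes come right after the primary
    # suffix; the text does not say where they fall in the order.
    for suffix in connection_suffixes:
        if suffix not in suffixes:
            suffixes.append(suffix)
    if append_parents:
        labels = primary_suffix.split(".")
        # Parents with two or more labels only: cv.hp.com -> hp.com, never com.
        for i in range(1, len(labels) - 1):
            parent = ".".join(labels[i:])
            if parent not in suffixes:
                suffixes.append(parent)
    return suffixes


def candidate_names(name, search_list):
    """Return, in order, every domain name the resolver would look up."""
    if name.endswith("."):
        return [name[:-1]]                 # trailing dot: fully qualified, no search
    tries = [name] if "." in name else []  # at least one dot: try as-is first
    tries += [f"{name}.{suffix}" for suffix in search_list]
    return tries


def resolve(name, search_list, records):
    """Walk the candidates, stopping at the first name that has data."""
    queried = []
    for fqdn in candidate_names(name, search_list):
        queried.append(fqdn)
        if fqdn.lower() in records:
            return records[fqdn.lower()], queried
    return None, queried


# Constructed sample data (documentation addresses), not real records.
RECORDS = {"asap.cv.hp.com": "192.0.2.10", "pronto.cv.hp.com": "192.0.2.20"}

if __name__ == "__main__":
    default = default_search_list("cv.hp.com")
    manual = ["corp.hp.com", "paloalto.hp.com", "hp.com"]  # as in Figure 6-8
    for arg, slist in [("pronto.cv.hp.com", default), ("asap", default),
                       ("ftp.oreilly.com.", default), ("asap", manual)]:
        print(arg, "->", candidate_names(arg, slist), resolve(arg, slist, RECORDS))
```

The list returned by candidate_names is also the set of names a failed lookup sends to the name servers, which is what the Figure 6-9 configuration is trimming when it drops hp.com.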