What is the maximum limit of domains in a DNS search list?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux (RHEL)
  • glibc

Issue

  • Need more than 6 domains in the /etc/resolv.conf search list.
  • Only the first 6 domains in the search path are looked up by the resolver.

Resolution

  • RHEL 6
    • The search list is currently limited to six domains with a total of 256 characters.
  • RHEL 7
    • Update to glibc-2.17-222.el7 (or newer) made available via RHSA-2018:0805
    • Update to man-pages-overrides-7.8.1-1.el7 (or newer) made available via RHBA-2020:1025 for the man resolv.conf search limit correction.
  • RHEL 8
    • Released with glibc-2.28-42.el8; therefore, does not have six search domain limit.
    • The man resolv.conf search limit correction is being tracked in: Bug 1928160 and is targeting the RHEL 8.5 release.

  • Note: Programs that do not make use of the glibc's resolver calls may have their own limitations. For example, bind-utils provided utilities like host, dig, or nslookup have a maximum of 8 search domains.

    # rpm -qf /usr/include/bind9/lwres/lwres.h
bind-devel-9.11.26-4.el8_4.x86_64

# grep define.*LWRES_CONFMAXSEARCH //usr/include/resolv.h /usr/include/bind9/lwres/lwres.h 
/usr/include/bind9/lwres/lwres.h:#define LWRES_CONFMAXSEARCH 8      /*%< max 8 domains in "search" entry */

Root Cause

In glibc 2.25 and earlier, the search list is limited to six domains with a total of 256 characters. Since RHEL 7 glibc-2.17-222.el7 & upstream glibc 2.26 the search list is unlimited. However, please note that additional search entries may add significant overhead to DNS processing; consider running a local caching resolver if the number of entries exceeds three.

Diagnostic Steps

On older versions of glibc the search list is limited to six domains with a total of 256 characters.

# rpm -qf /usr/include/resolv.h
glibc-headers-2.12-1.212.el6_10.3

# grep -e define.*MAXDNSRCH /usr/include/resolv.h 
# define MAXDNSRCH      6   /* max # domains in search path */

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments