Fix an application misrouting issue caused by a bad /etc/hosts override that forces
portal.lab.local to resolve to 127.0.0.1 instead of DNS.
Confirm the resolution path, remove the override safely, verify DNS resolution to 10.0.2.50,
then validate the HTTP endpoint.
Users report the internal app at portal.lab.local is loading the wrong environment.
The ticket notes: “It looks like this host resolves portal.lab.local to 127.0.0.1.”
You must confirm the resolution path, remove any bad /etc/hosts override, verify DNS is used,
and confirm the service is reachable.
portal.lab.local should resolve to 10.0.2.50. Verification target:
http://portal.lab.local.
portal.lab.local resolves to on this host./etc/hosts override that forces a bad mapping.
Hostname resolution on Linux typically follows the system NSS configuration (often /etc/nsswitch.conf),
and /etc/hosts frequently takes precedence over DNS.
dig shows (ignores /etc/hosts).getent and dig disagree, you likely have a local override.
Use getent hosts to confirm what applications actually see. Use dig to confirm what DNS says.
When they differ, trust getent for user impact.
portal.lab.local resolves to (NSS vs DNS).
getent hosts portal.lab.local
getent ahosts portal.lab.local
dig +short portal.lab.local
getent tests the system’s real resolution path (NSS), which can include /etc/hosts before DNS.
dig queries DNS directly and will not show /etc/hosts overrides.
# Example mismatch:
127.0.0.1 portal.lab.local
# DNS:
10.0.2.50/etc/hosts override.
grep -n 'portal.lab.local' /etc/hosts
Any mapping for portal.lab.local here will typically win over DNS for normal system tools.
# Example:
6:127.0.0.1 portal.lab.local portalsudoedit /etc/hosts
# OR
sudo vim /etc/hosts
# OR
sudo vi /etc/hosts
# OR
sudo nano /etc/hosts
Remove only the bad mapping and keep legitimate entries intact. sudoedit is a safe default because it edits a temp file
and then writes back with the correct permissions.
# Remove:
127.0.0.1 portal.lab.local portal10.0.2.50.
getent hosts portal.lab.local
dig +short portal.lab.localAfter removing the override, NSS should fall back to DNS and return the ticketed IP.
10.0.2.50 portal.lab.localresolvectl status
cat /etc/resolv.conf
Confirm the host is pointed at the expected DNS server (in this environment, typically 10.0.2.3).
curl -I http://portal.lab.local
curl -sS http://portal.lab.local | head
This confirms correct resolution plus service reachability. If DNS looks correct but HTTP fails,
pivot to service health on 10.0.2.50, firewalling, routing, or application issues.
HTTP/1.1 200 OK
The issue may be caching (browser, proxy, CDN), a load balancer routing problem, or an application-side environment mapping issue.
Prove which backend you reached with curl -v or app headers.
DNS may be down or the zone is missing records. Confirm the configured DNS server is reachable and validate resolution against the DNS server directly.
Check for additional aliases in /etc/hosts (another line), or an application/container using its own hosts file or custom resolver.
Test reachability to the IP directly (curl -I http://10.0.2.50) and confirm the service is listening and allowed through firewall policy.
If you need to restore the previous lab state, you can re-add the bad mapping. Do this only in a lab environment.
sudoedit /etc/hosts
# Add back (lab-only):
# 127.0.0.1 portal.lab.local portal
getent hosts portal.lab.local
dig +short portal.lab.localgetent hosts <name>: resolve a hostname through the system NSS stack.getent ahosts <name>: show resolved address records as seen by NSS.dig +short <name>: query DNS directly (ignores /etc/hosts)./etc/hosts: local hostname-to-IP override file (often takes precedence over DNS).grep -n <pattern> /etc/hosts: find matching entries with line numbers.sudoedit /etc/hosts: safely edit a root-owned file via a temp copy.resolvectl status: show active resolver configuration (systemd-resolved)./etc/resolv.conf: resolver config file (often generated by NetworkManager/systemd-resolved).curl -I <url>: fetch HTTP headers to confirm reachability and response.