Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]

To: debian-user@lists.debian.org
Subject: Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]
From: Mitchell Laks <mlaks@verizon.net>
Date: Mon, 28 Feb 2005 08:42:02 -0500
Message-id: <[🔎] 200502280842.02167.mlaks@verizon.net>
In-reply-to: <[🔎] 1109587861.16312.24.camel@localhost.localdomain>
References: <[🔎] 20050228112550.A28103@fb3-s4.math.tu-berlin.de> <[🔎] 1109587861.16312.24.camel@localhost.localdomain>

Dear Michael,
Previous respondents said:
> > I agree with Lee about how your resolv.conf gets constructed. However the
> > problem still is that the router (who apparently behaves as if it were a
> > query-forwarding DNS server) doesn't respond to DNS queries... is there a
> > config option in your router to disable the router-internal DNS server
> > (and to forward the ISP nameservers directly)?
> > If not, you can only hardwire your resolv.conf to the two other
> > nameservers above, and prevent it from being rebuilt. (IIRC, there is a
> > package "resolvconf" that rebuilds this file on every reboot from various
> > sources, among them information received via DHCP - deinstalling it or at
> > least removing it from /etc/rc*.d/ should fix that)
> >
> > HTH,
> >
> > Jan (now replying from a different address)
>
> I'm at work now but will look into these when I get home this evening;
> thanks, Michael

I have had similar issues, and discovered that the 5 second (or perhaps in my 
opinion two 10 second) pauses is in fact a reverse dns failure. You do ssh 
192.168.1.25 and then (apparently) the tcpwrappers program asks "who is 
192.168.1.25" to reverse dns. 

Now you really dont care what the hostname is of  192.168.1.25 is, but the 
tcpd tcp/ip daemon wrapper program by Professor Wietse Venema 
is doing this checking 
( look at 
 man 8 tcpd  , 
man hosts.allow or 
man hosts.deny).

So you can either set up a dnsserver on your router to answer questions like 
this or alteranatively, just add  a line to your /etc/hosts file of the 
following sort

192.168.1.25 fred 
where fred is the hostname  of the box that is trying to ssh in. This  will 
immediately short circuit the whole reverse dns nonsense.

If you have a properly configured dns server all will work, but laptops tend 
to have this problem when they point to dns servers on the internet when your 
lan is disconnected from the internet.

I dont know why i didnt have this problem using fedora core or redhat 7.3. I 
never configured a dns server before on my old machines which ran fedora and 
they seem to  have the same wrappers programs. So if i didnt want to set up a 
dns server i just added stuff to /etc/hosts.

If you find out more let me know.
Mitchell Laks 

>
>
> --
> Michael Bane
> Atmospheric Physics Group
> University of Manchester

Reply to:

Follow-Ups:
- Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]
  - From: "Jan C. Nordholz" <jckn@gmx.net>

References:
- Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]
  - From: Jan Nordholz <hesso@pool.math.TU-Berlin.DE>
- Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]
  - From: michael <linux@networkingnewsletter.org.uk>

Prev by Date: Re: dell 2850 kernel 2.6.10 very slow (update)
Next by Date: Sarge on Dell Optiplex GX 280 / boot hangs
Previous by thread: Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]
Next by thread: Re: Routers and resolv.conf: [was: extremely slow to ssh out from my machine]
Index(es):
- Date
- Thread