Bug#341042: ssh: Slow Connections Due to Bogus IPv6 name resolution

[Roger Leigh <rleigh@whinlatter.ukfsn.org>]

Colin Watson wrote:
> On Mon, Aug 27, 2007 at 12:41:16AM +0200, Juliusz Chroboczek wrote:
> > I haven't checked myself, but this has most probably been fixed by 
> > GNU libc 2.5.  (Getaddrinfo now sorts addresses according to RFC 3484.)
>
> I'm not sure I see why sorting would make any difference. The complaint
> is that the AAAA name resolution itself takes a long time, not that it
> takes a long time to connect to the address returned by the resolver.
>
> The any/local-ipv6-lookup patch in Debian's glibc is really the only way
> to solve this, I think, but unfortunately that caused breakage
> (#441857). Roger, do you have any thoughts as to how these two
> apparently conflicting requirements (avoiding slow AAAA resolution for
> people with non-global IPv6 addresses who really have no meaningful IPv6
> connectivity vs. people who actually care about local IPv6 services)
> might be reconciled?

I don't think there's a simple answer to the problem.  The patch to 
avoid unnecessary ipv6 lookups seemed to be a clean solution to the 
problem, up until I discovered it broke local ipv6 networking.

I don't always use ipv6-enabled systems, and I don't see the slowness in 
name resolution.  I think it might be useful to ask the question "why is 
the AAAA name resolution so slow in certain cases"?  Is this something 
which is our fault, or something we can work around?  Or, is it the 
fault of the nameservers being used, and why?

Can you switch to a different set of nameserver(s) to see if a properly 
ipv6-capable server gives better performance.  E.g. OpenDNS?


Thanks,
Roger

PS: Merry Christmas!