reverse dns lookup problem on ssh debian vs redhat
Hi! I recently switched to debian Sarge (and sid) for all of my work (YAY I
LOVE IT!).
Now, until now, I had been using Redhat 7.3 for my servers. I have many Redhat
7.3 servers, and now I have installed 2 Debian Sarge servers (I know it is
not yet released, but I have tested it for months and am perfectly happy).
Now I notice a problem with reverse DNS that I did not have with Redhat 7.3. I
am curious to understand the differences. Although it is installed, I never
properly configured bind9 on these machines. Similarly, the Redhat 7.3
machines didn't even have bind installed at all.
I have /etc/resolv.conf set up with the 2 nameservers provided by my ISP. If
my local (192.168.99.X) network is connected to the internet, and can access
the nameservers provided by my ISP, (151.202.0.84 say), then if I try to ssh
into one of my Debian Sarge machines, I get an immediate response when I "ssh
192.168.99.76" into one of my machines on my private network.
However, if my private network is disconnected from the main internet and thus
my Debian machines are not connected to the internet, and can't contact my
ISP's nameservers, then I get a 20 second delay while we time out (that is 2
nameservers, 2 attempts per nameserver and a 5 second timeout). I can easily
short-circuit this timeout by putting the line
"options timeout:0 attempts:0" into the /etc/resolv.conf file.
I can similarly short-circuit this timeout by actually putting the IP address
that I am ssh'ing from into /etc/hosts so that no reverse DNS lookup takes place.
I realize that I should actually set up the machine itself to provide dns
service itself, and not rely upon the nameservers provided by my ISP (say by
configuring bind9 and the correct local domain reverse DNS lookup service, or
else installing djbdns).
However, I am puzzled. I have been using Redhat 7.3 for servers on a
private network for many years, without using bind (8 or 9), and I have just
been doing ssh 192.168.99.75 and getting immediate access even though there
was no nameserver at all listed in /etc/resolv.conf on the Redhat machines.
I.e. on the Redhat machines /etc/resolv.conf simply consisted of the single
line
"search localhost".
If I change the /etc/resolv.conf on the Debian box to the same "search
localhost" line, I get a 10 second timeout (not 20 seconds as when there are two
unreachable nameservers).
Any idea what the difference in the setup is here? What did they do in
Redhat to disable or short-circuit the reverse DNS lookup? It doesn't look
like Redhat set up a caching reverse DNS server, because bind isn't installed
on my Redhat 7.3 machines.
This is important for other network services besides ssh.
Thanks a million!
Mitchell
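The arithmetic behind the delays described in the post (nameservers x attempts x timeout, and the /etc/hosts short-circuit), as an added example that is not part of the original message: it parses resolv.conf text and reports the worst-case stall an unanswered reverse lookup can add to a login. It assumes the glibc defaults from resolv.conf(5) (timeout 5 s, 2 attempts, and 127.0.0.1 as the nameserver when none is listed); the sample files are constructed and the second nameserver address is a placeholder.

```python
"""Estimate how long a reverse DNS lookup can stall a service such as sshd,
based on /etc/resolv.conf, and check whether /etc/hosts avoids the query."""

# glibc resolver defaults per resolv.conf(5) (assumed; see lead-in)
DEFAULT_TIMEOUT = 5    # seconds per query
DEFAULT_ATTEMPTS = 2   # retries per nameserver

# Constructed sample: the post's two-ISP-nameserver setup (second address is a placeholder)
SAMPLE_RESOLV_CONF = "nameserver 151.202.0.84\nnameserver 192.0.2.2\n"
# Constructed sample: the Redhat-style file with no nameserver line at all
SAMPLE_SEARCH_ONLY = "search localhost\n"


def parse_resolv_conf(text):
    """Return (nameservers, options) from resolv.conf text."""
    nameservers, options = [], {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].split(";", 1)[0].strip()  # drop comments
        if not line:
            continue
        key, *rest = line.split()
        if key == "nameserver" and rest:
            nameservers.append(rest[0])
        elif key == "options":
            for opt in rest:  # e.g. "timeout:0 attempts:0"
                name, _, value = opt.partition(":")
                options[name] = int(value) if value.isdigit() else True
    # With no nameserver line glibc queries the local host instead
    if not nameservers:
        nameservers = ["127.0.0.1"]
    return nameservers, options


def worst_case_delay(text):
    """Seconds an unanswered lookup can block: servers x attempts x timeout."""
    nameservers, options = parse_resolv_conf(text)
    timeout = options.get("timeout", DEFAULT_TIMEOUT)
    attempts = options.get("attempts", DEFAULT_ATTEMPTS)
    return len(nameservers) * attempts * timeout


def hosts_has_address(hosts_text, address):
    """True if /etc/hosts names this address, so no reverse query is sent."""
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields and fields[0] == address:
            return True
    return False


if __name__ == "__main__":
    print("two unreachable ISP servers:", worst_case_delay(SAMPLE_RESOLV_CONF), "s")
    print("search-only file:", worst_case_delay(SAMPLE_SEARCH_ONLY), "s")
```

The "search localhost" file is not resolver-free: with no nameserver line glibc falls back to 127.0.0.1, which is one server x 2 attempts x 5 s, the 10 second stall observed above. A resolv.conf that also carries "options timeout:0 attempts:0" brings the estimate to zero, matching the first workaround in the post.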