Re: "jerks" in net connections
On Sat, May 4, 2013 at 4:37 PM, Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> On Sb, 04 mai 13, 19:15:43, andrey.rybak@bilkent.edu.tr wrote:
>> hi all!
>> Some time ago i get next problem.
>> Net connections start work by"by jerks". In case of ssh session it look
>> like this: i can put my command in bash shell but some time (from 10 to 20
>> seconds) screen is frozen. After that: input and output of the session for
>> some time work as usual.
>> I have no idea how i can diagnose this problem. What i should check?
>
> DNS. As far as I remember there was quite recently a problem just like
> yours discussed here on debian-users, you could search the archives (if
> you haven't already).
Indeed, the sshd daemon is configured to do a reverse DNS query for
each connection request. Since you're using local IP's and have no
reverse DNS setup (I assume...) those queries time out.
It's not really necessary to do a reverse DNS search to authenticate a
client, since in an untrusted network, the DNS server could be
compromised too (someone correct me if I'm wrong), and you'll do
public key challenges or ask for a password anyway so you can safely
disable this.
You'll need to add "UseDNS no" on the server /etc/ssh/sshd_config to do it.
Guido
Reply to: