Robert Marella wrote:
Jonathan Chen wrote:
On Sun, Jun 05, 2005 at 04:49:26PM -1000, Robert Marella wrote:
Jonathan Chen wrote:
[...]
It's not the forward case that's the problem. The sshd daemon on the
server side attempts to find out where the connection is from by doing
a reverse-lookup. If the incoming IP hasn't got a DNS entry, the
failing
DNS ip-lookup will time out in ~30s.
Thanks for responding. In all of my systems /etc/hosts is populated
with the name and LAN IP address of all other boxes. My
gateway/firewall is a 5.4 Rel computer. I can ping that box "it's
called gateway" with ping gateway or ping 10.0.0.1 no problem.
What does "dig -x 10.0.0.1" on the ssh-server box give you? Looks like
you need to set up a internal DNS server to resolve these sort of
problems.
Cheers.
Jonathan
from my gateway box. The 24.25.227.64 is also found in resolv.conf placed
there by dhcpd from roadrunner.
[EMAIL PROTECTED]:~> dig -x 10.0.0.1
; <<>> DiG 9.3.1 <<>> -x 10.0.0.1
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51746
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;1.0.0.10.in-addr.arpa. IN PTR
;; Query time: 4208 msec
;; SERVER: 24.25.227.64#53(24.25.227.64)
;; WHEN: Sun Jun 5 16:58:13 2005
;; MSG SIZE rcvd: 39
No ANSWER section. . . seems to prove that
the issue is probably reverse DNS, AFAIAC.
Should look more like:
======================================
#dig -x 192.168.0.1
; <<>> DiG 9.3.0 <<>> -x 192.168.0.1
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50363
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; QUESTION SECTION:
;1.0.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
1.0.168.192.in-addr.arpa. 86400 IN PTR
archangel.daleco.biz.0.168.192.in-addr.arpa.
<snippage>
=======================================
I forget which, but one chapter in the handbook deals with running
a nameserver; getting reverse DNS should eliminate your delay issue.
Kevin Kinsey
DaleCo, S.P.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
