From owner-freebsd-questions@FreeBSD.ORG Mon Jun 6 03:03:26 2005 Return-Path: X-Original-To: freebsd-questions@FreeBSD.org Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5800616A41C for ; Mon, 6 Jun 2005 03:03:26 +0000 (GMT) (envelope-from rmarella@gmail.com) Received: from ms-smtp-03-eri0.socal.rr.com (ms-smtp-03-qfe0.socal.rr.com [66.75.162.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1570C43D5C for ; Mon, 6 Jun 2005 03:03:25 +0000 (GMT) (envelope-from rmarella@gmail.com) Received: from [10.0.0.101] (cpe-66-8-186-59.hawaii.res.rr.com [66.8.186.59]) by ms-smtp-03-eri0.socal.rr.com (8.12.10/8.12.7) with ESMTP id j5633LgQ019963; Sun, 5 Jun 2005 20:03:22 -0700 (PDT) Message-ID: <42A3BCF9.8090200@gmail.com> Date: Sun, 05 Jun 2005 17:03:21 -1000 From: Robert Marella User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050512 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jonathan Chen References: <5EEBE9C3C61D1142994C6B620C51E847110B80@depot.weblinkmo.com> <17059.37867.174248.688500@jerusalem.litteratus.org> <42A3A5F4.8090807@gmail.com> <20050606023235.GA81334@osiris.chen.org.nz> <42A3B9B6.5070800@gmail.com> <20050606025554.GB81546@osiris.chen.org.nz> In-Reply-To: <20050606025554.GB81546@osiris.chen.org.nz> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: Symantec AntiVirus Scan Engine Cc: freebsd-questions@FreeBSD.org Subject: Re: ssh delays 40 seconds X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2005 03:03:26 -0000 Jonathan Chen wrote: > On Sun, Jun 05, 2005 at 04:49:26PM -1000, Robert Marella wrote: > >>Jonathan Chen wrote: > > > [...] > >>>It's not the forward case that's the problem. The sshd daemon on the >>>server side attempts to find out where the connection is from by doing >>>a reverse-lookup. If the incoming IP hasn't got a DNS entry, the failing >>>DNS ip-lookup will time out in ~30s. >>> >> >>Thanks for responding. In all of my systems /etc/hosts is populated with >>the name and LAN IP address of all other boxes. My gateway/firewall is a >>5.4 Rel computer. I can ping that box "it's called gateway" with ping >>gateway or ping 10.0.0.1 no problem. > > > What does "dig -x 10.0.0.1" on the ssh-server box give you? Looks like > you need to set up a internal DNS server to resolve these sort of > problems. > > Cheers. Jonathan from my gateway box. The 24.25.227.64 is also found in resolv.conf placed there by dhcpd from roadrunner. robert@gateway:~> dig -x 10.0.0.1 ; <<>> DiG 9.3.1 <<>> -x 10.0.0.1 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51746 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;1.0.0.10.in-addr.arpa. IN PTR ;; Query time: 4208 msec ;; SERVER: 24.25.227.64#53(24.25.227.64) ;; WHEN: Sun Jun 5 16:58:13 2005 ;; MSG SIZE rcvd: 39 This is from one of the clients on my lan [frankie] ~> dig -x 10.0.0.1 ; <<>> DiG 9.3.1 <<>> -x 10.0.0.1 ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34691 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;1.0.0.10.in-addr.arpa. IN PTR ;; Query time: 3356 msec ;; SERVER: 24.25.227.64#53(24.25.227.64) ;; WHEN: Sun Jun 5 16:59:51 2005 ;; MSG SIZE rcvd: 39 I hope this helps you help me. Robert