Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 18 Jul 2002 09:45:20 +0800 (CST)
From:      Tai-hwa Liang <avatar@www.mmlab.cse.yzu.edu.tw>
To:        Mark.Andrews@isc.org
Cc:        freebsd-stable@FreeBSD.ORG
Subject:   Re: slow ssh connection speed(bind problem?) 
Message-ID:  <20020718093542.Q53886-100000@www.mmlab.cse.yzu.edu.tw>
In-Reply-To: <200207172222.g6HMMJJe085318@drugs.dv.isc.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, 18 Jul 2002 Mark.Andrews@isc.org wrote:
[...]
> > 	/etc/hosts
> > 		::1                     localhost localhost.my.domain
> > 		127.0.0.1               localhost.my.domain localhost
> > 		192.168.0.12            newly.built.releng.4.server test
> >
> > 	/etc/resolv.conf:
> > 		domain		my.domain.
> > 		search		my.domain.
> > 		nameserver      192.168.0.1
> >
[...]
>
> 	Well are you serving the RFC 1918 address range you are using
> 	or are you depending upon the over loaded servers on the Internet
> 	to answer you leaked queries?  If you are using RFC 1918 address
> 	and are using the DNS you should be serving the appropriate
> 	address range.  Even a empty zone (SOA and NS record only)
> 	will do to stop the queries leaking and speed up the response.
We did setup a named listen on 192.168.0.1 and serves all RFC 1918 ranged
addressing records(forward & reverse) since years ago. The slowdown only
appeared after enabling UsePrivilegeSeparation in the latest OpenSSH-3.4p1.

According to Chris Johnson's reply, a working /var/empty/etc/resolv.conf
did solve the problem; however, a Linux box with OpenSSH-3.4p1 +
UsePrivilegeSeparation with an empty /var/empty/(no resolv.conf) doesn't
have such problem, though.

>
> > 	I'm wondering whether there was any bind(especially getnameinfo())
> > related changes in recent RELENG_4. Or did I miss any sshd_config related
> > knobs?
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-stable" in the body of the message
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews@isc.org
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020718093542.Q53886-100000>