I have systems both at home and at work running FreeBSD 5.4 release with a more or less standard installation.

Both systems are connected to internet routers via NICs; and under normal circumstances all works fine -- or at least seems to be working fine. In both cases there are other computers connected via LAN.

But if the internet connection breaks -- e.g. the routers crash or the ISP connection fails for some reason then trying to ssh into the machine from another local machine is a problem -- either timing out or taking a very very long time.

With the internet connection down I notice a similar problem when booting in the sendmail script.

Now it is my understanding that resolution of host names should determine from /etc/host.conf and/or /etc/nsswitch.conf whether to first try /etc/host or the dns server addressed by /etc/resolv.conf.

I believe these should give preference to /etc/hosts but never-the-less things get stuck when the dns server can't be reached.

************/etc/host.conf****************
# Auto-generated from nsswitch.conf, do not edit
hosts
bind

************/etc/nsswitch.conf************
group: compat
group_compat: nis
hosts: files dns
networks: files
passwd: compat
passwd_compat: nis
shells: files

Am I missing something? (Probably)
Is this behaviour normal?
Can the lockups be avoided?

Any help, ideas or clarification would be appreciated.

Malcolm Kay

Robert Zagarello
2005-Oct-04 08:37 UTC
[freebsd-stable@freebsd.org] Hosts/dns contention in FBSD 5.4
When the DNS can't be reached you need to have the server's host name in your local-LAN accessing client's hosts file. Either way, the client hosts file will be checked first before DNS access (this is true for Windows OSs at least), so because of this you can use any name in your local client, i.e., a NetBIOS name for example (non-dotted up to 15-character, etc.).

BZAG

===============

--- Malcolm Kay <malcolm.kay@internode.on.net> wrote:
> I have systems both at home and at work running FreeBSD 5.4
> release with a more or less standard installation.
>
> Both systems are connected to internet routers via NICs;
> and under normal circumstances all works fine -- or at least
> seems to be working fine. In both cases there are other
> computers connected via LAN.
>
> But if the internet connection breaks -- e.g. the routers crash
> or the ISP connection fails for some reason then trying to ssh
> into the machine from another local machine is a problem --
> either timing out or taking a very very long time.
>
> With the internet connection down I notice a similar problem when
> booting in the sendmail script.
>
> Now it is my understanding that resolution of host names should
> determine from /etc/host.conf and/or /etc/nsswitch.conf whether
> to first try /etc/host or the dns server addressed by
> /etc/resolv.conf
>
> I believe these should give preference to /etc/hosts but
> never-the-less things get stuck when the dns server can't be
> reached.
>
> ************/etc/host.conf****************
> # Auto-generated from nsswitch.conf, do not edit
> hosts
> bind
>
> ************/etc/nsswitch.conf************
> group: compat
> group_compat: nis
> hosts: files dns
> networks: files
> passwd: compat
> passwd_compat: nis
> shells: files
>
> Am I missing something? (Probably)
> Is this behaviour normal?
> Can the lockups be avoided?
>
> Any help, ideas or clarification would be appreciated.
>
> Malcolm Kay

On Wed, 5 Oct 2005 01:13 am, Spartak Radchenko wrote:
> On Wed, Oct 05, 2005 at 12:50:26AM +0930, Malcolm Kay wrote:
> [...]
>
> > But if the internet connection breaks -- e.g. the routers
> > crash or the ISP connection fails for some reason then
> > trying to ssh into the machine from another local machine is
> > a problem -- either timing out or taking a very very long
> > time.
>
> Add sshd_flags="-u0" in /etc/rc.conf.

A great thought; but unfortunately it doesn't seem to help.

Thanks,
Malcolm Kay

On Wed, 5 Oct 2005 11:06 am, Jeremy Bogan wrote:
> You could try running a caching DNS server locally, DjbDNS is
> simple to setup and get going.
>

Yes, I have thought that maybe a local simple caching dns server would help; and if I can't otherwise fix the problem I'll give it a go. And I appreciate your suggestion of DjbDNS.

It does seem however that this should not be necessary.

Thanks,
Malcolm Kay

> On 05/10/2005, at 1:20 AM, Malcolm Kay wrote:
> > ...
> > But if the internet connection breaks -- e.g. the routers
> > crash or the ISP connection fails for some reason then
> > trying to ssh into the machine from another local machine is
> > a problem -- either timing out or taking a very very long
> > time.
> > ...

On 05/10/2005, at 1:20 AM, Malcolm Kay wrote:
> ...
> But if the internet connection breaks -- e.g. the routers
> crash or the ISP connection fails for some reason then
> trying to ssh into the machine from another local machine is
> a problem -- either timing out or taking a very very long
> time.

I had this same problem before and was advised to change

#UseDNS yes

to no in sshd_config.

It did help.

Good luck
Robert
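
Added example (not part of any message in the thread): a likely reason "hosts: files dns" does not prevent the stall is that sshd, while UseDNS is in effect, reverse-resolves the connecting client's address, and an address that is absent from /etc/hosts still falls through to DNS. The sketch below checks this for constructed sample files; the addresses, host names and the assumed UseDNS default are illustrative.

```python
import ipaddress

# Constructed sample files; addresses and names are illustrative only.
NSSWITCH = "hosts: files dns\n"
HOSTS = """\
127.0.0.1     localhost
192.168.1.10  server.example.lan server
192.168.1.20  desk.example.lan desk
"""
SSHD_CONFIG = "#UseDNS yes\n"  # commented out, so the built-in default applies

def hosts_sources(nsswitch_text):
    """Ordered sources from the 'hosts:' line ([NOTFOUND=return]-style criteria dropped)."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return [s for s in line.split(":", 1)[1].split() if not s.startswith("[")]
    return []

def addresses_in_hosts(hosts_text):
    """Addresses that the hosts file can map back to a name."""
    addrs = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            addrs.add(ipaddress.ip_address(fields[0]))
    return addrs

def use_dns(sshd_config_text, default=True):
    """Effective UseDNS; default=True is an assumption taken from the '#UseDNS yes' line."""
    for line in sshd_config_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) == 2 and fields[0].lower() == "usedns":
            return fields[1].lower() == "yes"
    return default

def login_waits_on_dns(client_ip, nsswitch_text, hosts_text, sshd_config_text):
    """True if sshd's reverse lookup of client_ip would reach the 'dns' source."""
    if not use_dns(sshd_config_text):
        return False  # sshd skips the reverse lookup entirely
    known = addresses_in_hosts(hosts_text)
    for source in hosts_sources(nsswitch_text):
        if source == "files" and ipaddress.ip_address(client_ip) in known:
            return False  # answered locally, DNS is never queried
        if source == "dns":
            return True   # not in hosts: the resolver has to time out first
    return False

if __name__ == "__main__":
    for ip in ("192.168.1.20", "192.168.1.30"):
        print(ip, login_waits_on_dns(ip, NSSWITCH, HOSTS, SSHD_CONFIG))
```

With UseDNS set to no, host-name patterns in authorized_keys from= options and in Match Host blocks no longer match, so any such access rules need to be written with addresses.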