How does openssh handle dns roundrobin? specifically with "-L" option.

If I have 10 clients each use "-L 8080:example.com:8080" and example.com has two A records 1.1.1.1 and 2.2.2.2 does half (roughly) of my clients use 1.1.1.1 and other half use 2.2.2.2 when they try to connect to port 8080 on their local system?

In case it matters

ssh -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016

Thanks & Regards,
Pujan Shah

On 6 February 2018 at 20:01, Pujan Shah <ps at dom.de> wrote:
> How does openssh handle dns roundrobin? specifically with "-L" option.

It'll try them in the order your system resolver returns them until one of them works. The logic is in channels.c:connect_next().

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.

On 06/02/18 19:31, Pujan Shah wrote:
> How does openssh handle dns roundrobin?

I needed to know this so I experimented, by creating a name with four addresses, only one of which was live. I found that SSH tried each address, in the order returned by the resolver, until the connect succeeded.
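
The behaviour both replies describe (each address tried in resolver order until one connects), written out as an added example; it is not part of the thread and is not OpenSSH's code. The helper names, the fake resolver and the 192.0.2.x addresses are constructed for illustration, with one live address out of four as in the experiment above.

```python
import socket

def dial(family, socktype, proto, sockaddr, timeout):
    """Open one TCP connection to a single resolved address."""
    s = socket.socket(family, socktype, proto)
    s.settimeout(timeout)
    try:
        s.connect(sockaddr)
    except OSError:
        s.close()
        raise
    return s

def connect_in_resolver_order(host, port, resolve=socket.getaddrinfo,
                              dial=dial, timeout=5.0):
    """Try each address in the order the resolver returned it and stop at
    the first that accepts. Returns (connection, chosen_ip, ips_tried)."""
    tried, last_err = [], None
    for family, socktype, proto, _canon, sockaddr in resolve(
            host, port, type=socket.SOCK_STREAM):
        tried.append(sockaddr[0])
        try:
            conn = dial(family, socktype, proto, sockaddr, timeout)
            return conn, sockaddr[0], tried
        except OSError as err:
            last_err = err  # dead address: fall through to the next one
    raise OSError(f"no address for {host} accepted; tried {tried}") from last_err

# --- constructed sample data (TEST-NET-1 addresses, no real network use) ---
LIVE = {"192.0.2.3"}  # assumption: only this address accepts connections

def fake_resolver(order):
    """Build a resolver that returns the given IPs in exactly that order."""
    def resolve(host, port, type=0):
        return [(socket.AF_INET, socket.SOCK_STREAM, 6, "", (ip, port))
                for ip in order]
    return resolve

def fake_dial(family, socktype, proto, sockaddr, timeout):
    """Stand-in for dial(): refuses every address that is not in LIVE."""
    if sockaddr[0] not in LIVE:
        raise ConnectionRefusedError(sockaddr[0])
    return f"connected:{sockaddr[0]}"

if __name__ == "__main__":
    four = ["192.0.2.1", "192.0.2.2", "192.0.2.3", "192.0.2.4"]
    print(connect_in_resolver_order("example.com", 8080,
                                    fake_resolver(four), fake_dial))
```

Nothing in this loop balances load: when every address is live, the first one in the resolver's answer is always the one used, so any spread across clients comes from the order the resolver returns.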