Slow connects due to out-of-context DNS lookup

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Ok, so my situation :

Connecting to internal machines via a bastion server in AWS.

Because I'm raising and tearing down the infrastructure a lot at this stage with Terraform, the IP addresses change.

For the management subnet, I have a private DNS zone defined, and a public zone with a record for the bastion server.

What I wanted ; to just be able to define a config entry thus :

---

Host graylog
  Hostname graylog.management
  ProxyCommand ssh -q -W %h:%p user@xxxxxxxxxxxxxxxxxxx

---

This takes a long time (> 30s)to connect because the client is doing a DNS lookup on the Hostname, which apparently has to fail before it attempts to connect.

Add this to your /etc/hosts ...

---

127.0.0.1  graylog.management

---

... and connection is swift. This seems like a rather grody workaround, because one day I may have a VPN server inside this cloud and want DNS lookups to work properly.

Is there a way to suppress this DNS lookup happening locally, when using ProxyCommand?

Is this in the same set of things being discussed at

http://marc.info/?l=openssh-unix-dev&m=139556798100796&w=2

and https://bugzilla.mindrot.org/show_bug.cgi?id=2218

?

I don't have CanonicalizeHostName on, so what's doing the lookup?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux