On Wed, 30 Oct 2024 at 00:40, Alan Hodgson <ahodgson@xxxxxxxxxxxxxxx> wrote:
Well, I'm just throwing out something to check, but I meant on the server, not the client. It's trying to resolve "localhost" to check the auth. If there's a delay, that's probably where it is.I guess I just assumed that's where you were testing dig.
Yep. my mistake. i did not read it correctly. in order to discard the rule, it first has to find out by expanding the hosts in the rule, so yep, dns resolution might be the problem.
also, the 4-5s delay is eerie similar to issues in the past.
maybe disabling ipv6 completely resolves this for the time being.