Date: Tue, 27 Dec 2005 10:16:21 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: Rostislav Krasny <rosti.bsd@gmail.com>, des@freebsd.org Cc: yar@freebsd.org, "Michael A. Koerber" <mak@ll.mit.edu>, freebsd-stable@freebsd.org, Lowell Gilbert <freebsd-stable-local@be-well.ilk.org>, Marian Hettwer <MH@kernel32.de> Subject: Re: SSH login takes very long time...sometimes Message-ID: <20051227101621.GA16276@walton.maths.tcd.ie> In-Reply-To: <59e2ee810512250841t75157e62rec9dc389ac716534@mail.gmail.com> References: <59e2ee810512250841t75157e62rec9dc389ac716534@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 25, 2005 at 06:41:57PM +0200, Rostislav Krasny wrote: > defined as 4. In a case the DNS server isn't responding the > gethostbyname() makes 8 (eight!) reverse resolving attempts for one > (!) non-responding DNS server before it returns error. And this is by > default. All that is still true for my current 6.0-STABLE. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/62139 > > As a workaround I may suggest addind "options attempts:2" or even > "options attempts:1" line to the /etc/resolver.conf I've often thought that we shouled make the default login timeout longer than our DNS timeout, as it means it is hard (or impossible) to log in to fix your DNS server when your DNS server is down. It is even worse if you don't control some DNS server in the chain between the root and the name you're trying to look up. I did once mail des@ to ask him if he'd mind me changing the default login timeout for sshd to be (say) 5 minutes rather than 1 minute, but I think he was busy at the time. Judging by the PR mentioned above it should be at least 2m30s by default. Des, would you mind this change being made? David.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051227101621.GA16276>