Hello! Reverse lookup for said the host in the strace - our ldap server - is not set up.
[EMAIL PROTECTED]:~> host 172.21.242.9 Host 9.242.21.172.in-addr.arpa not found: 3(NXDOMAIN) It tells so immediately. To my knowledge there is no strict requirement that an LDAP or any other hosts in a local network needs a reverse lookup set up. I imagine there may be lots of networks where reverse lookup is not defined for some hosts, my network at home doesn't even have a DNS server. At least I do not get whether avahi tries to find out about the same IP address again and again. Since the workstation uses LDAP I think that IP reverse lookup for that IP address is queried for very often. The "strace ssh" case was repeatable after a second. It shouldn't try to find out about that IP address that often IMHO. If it isn't known it should wait some time before it tries again. That would be an avahi-daemon issue. Added to that I would be more reluctant to add an option to nsswitch that delays reverse lookups where the DNS server returns not found in a fraction of a second by 5 seconds or more. Its the postinst script of the package libnss-mdns that does it: --------------------------------------------------------------------- perl -i -pe ' sub insert { # this also splits on tab my @bits=split(" ", shift); # do not break configuration if the "hosts" line already references # mdns if (grep { $_ eq "mdns4_minimal" || $_ eq "mdns4" || $_ eq "mdns" || $_ eq "mdns_minimal" || $_ eq "mdns6" || $_ eq "mdns6_minimal"} @bits) { return join " ", @bits; } # change "dns" into "mdns4_minimal [NOTFOUND=return] dns mdns4" return join " ", map { $_ eq "dns" ? ("mdns4_minimal","[NOTFOUND=return]", $_,"mdns4") : $_ } @bits; } s/^(hosts:\s+)(.*)/$1.insert($2)/e; ' /etc/nsswitch.conf --------------------------------------------------------------------- I cannot remember that it asked me whether I like to do these changes. It maybe tries to do these changes again when the package is updated. I recommend that "mdns4_minimal" is added by default - I doesn't create the timeout as I tested today -, but "mdns4" after dns lookup is not without asking the user first. That would be a libnss-mdns issue. About NFS I agree with you, it likely wasn't NFS, it was the LDAP lookups and possibly other server IP address reverse lookups I think. Regards, -- Martin Steigerwald Trainer / Consultant / Systems Engineer team(ix) GmbH Solide IT-Infrastruktur Südwestpark 35 90449 Nürnberg fon: +49 (911) 30999- 0 fax: +49 (911) 30999-99 mail: [EMAIL PROTECTED] web: http://www.teamix.de vcf: http://www.teamix.de/vcf/ms.vcf gpg: 19E3 8D42 896F D004 08AC A0CA 1E10 C593 0399 AE90 Amtsgericht Nürnberg, HRB 18320 Geschäftsführer: Oliver Kügow, Richard Müller