On Fri, May 01, 2009 at 03:11:35PM -0400, Ward Vandewege via RT wrote: > > [beuc - Fri May 01 14:43:25 2009]: > > Did anything change in the reverse DNS resolution setup recently? > > I changed our nameserver configuration to no longer respond to lookups > for '.', as per > > http://isc.sans.org/diary.html?date=2009-01-18 > > That change was made on 2009-04-27. > > But that *should* be unrelated. > > > Savannah uses 10.0.0.0/24 internally and some processes do reverse > > lookup on them. When I try to do the reverse manually, all DNS > > servers eventually timeout, but this takes a very long while. MySQL > > in particular was impacted AFAIK. > > Yeah. The problem is clearly these reverse lookups. But, arguably you > shouldn't be sending those lookups to nameservers in /etc/resolv.conf > (only one of which is FSF operated, the others are run by our ISP). > > Can you add /etc/hosts entries to work around this?
I can and will, but in order to avoid such mysterious issues again, would it be possible to send a reject or anything but not drop the request? -- Sylvain
