On Fri, Feb 09, 2001 at 02:40:31PM +1100, [EMAIL PROTECTED] wrote:
> > If you aren't running a name server, try moving /etc/resolv.conf
> > out of the way.
>
> This was significant -
>
> I moved it aside, and suddenly the machine that was slow to login
> (while it did a DNS lookup) was fast.
>
> I.e. coo and posh used to both have the same resolv.conf file, that
> said:
>
> search localdomain
> nameserver 203.15.68.3
> nameserver 203.26.10.25
> nameserver 203.26.10.19
>
> (for my ISP's nameservers). And of course posh could swiftly login to
> coo but coo had to wait for a DNS timeout to slogin to posh.
>
> Moving resolv.conf aside just on coo "fixed" this. (Don't know why
> this shouldn't be true for posh too - except for the next point.)
>
> But coo is setup to use posh to get to the internet if posh is
> connected at the time. (A friend set this up for me.)
>
> I bet this is the key point, isn't it?
So coo has a default route to posh thats up all the time, posh only
has a default route when the internet is up?
If the above is true, it sounds like posh doesn't have a problem because
there is no route to 203.x.x.x, so it doesn't bother to try and resolve
names using the name server. coo does has a route to 203.x.x.x, the default
route, so it will try to contact it, and wait for the timeout.
The next test would be to put /etc/resolv.conf back on coo and delete the default
route and how it goes.
> Anyway, isn't there a problem with moving aside resolv.conf? Namely,
> that without a resolv.conf, coo won't know what nameserver to talk to to
> resolve domain names?
:) yes.
> That seems to me to show that coo correctly gets the IP address of posh
> from the /etc/hosts, but then sends some sort of IP packet down a socket
> that includes the string "posh" and :localdomain", which seems to be
> directed at each of the nameservers listed in resolv.conf. Each one
> fails after a short period, then it seems to try again.
>
> This may account for the delay. I.e. it's not really a DNS lookup at
> all. It's trying to validate the names (against spoofing or something?)
I think your right, but it is trying to do a DNS lookup, it sounds like
its being paraniod (man hosts_access).
> Is the system trying to talk to a nameserver to verify that posh and
> localdomain are host and domain names that can be trusted?
I think it might be doing a reverse lookup, checking to see if the
name matches the ip address (or is it the other way around?).
> BTW, is this significant? On both hosts, this is what I get from these
> commands:
I don't know.
--
chesty
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
