[ale] weirdness with slow ssh connections (IPv6 related?)

Jeff Lightner jlightner at water.com
Thu Oct 29 08:07:11 EDT 2009


My first thought was the /etc/resolv.conf on the host where you're
coming from then I read your comment about -4.  Using fully qualified
domain prevents going through the list of search domains in resolv.conf
so if you many of those it might make a difference (and of course IP
ignores it altogether).

On reviewing man page for resolv.conf just now I see it also has option
inet6:

"inet6  sets RES_USE_INET6 in _res.options.  This has the  effect
of trying a AAAA query before an A query inside the gethostbyname()
function, and of mapping  IPv4  responses  in IPv6  ''tunnelled form''
if no AAAA records are found but an A record set exists."

Is it possible someone put that in your resolv.conf?   For that matter
does your DNS server have AAAA records and A records? 

While you're at it you might want to verify the resolv.conf doesn't have
unreachable name servers listed.

-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of
Steven A. DuChene
Sent: Wednesday, October 28, 2009 9:16 PM
To: ale at ale.org
Subject: [ale] weirdness with slow ssh connections (IPv6 related?)

I am working on a project with 50 - 70 servers in the AT&T data center
on University. They have either RHEL5U3 or CentOS5U3 on the systems.
I have DNS configured with the normal bind 9 packages that come with
CentOS5U3. My problem is when using ssh to get between the systems
if i use the short name for a system it takes a long time to get to
a shell prompt on the remote system. If I use the fully qualified
domain name or the IP address of I use a "-4" with the short name
I get to a shell prompt immediately. So to illustrate:

root at adm #  ssh new75

takes a LONG time to get shell prompt.

Any of the following get me a shell prompt almost immediately:

root at adm #  ssh -4 new75

root at adm #  ssh new75.wholedomain.here

root at adm #  ssh 10.4.5.6   (IP address of new75 system)

Since the "-4" option seems to have a positive effect I have gone
to each system and made sure the IPv6 kernel modules are not loaded
and the network file in /etc/sysconfig/ has the following line in
it:

NETWORKING_IPV6=no

but that made little or no difference to the problem. The lines
I added to the /etc/modprobe.conf file look like this:

alias net-pf-10 off
alias ipv6 off

I believe it some strange interaction problem between IPv6 and DNS
but I do not have a clear plan on what to try next.

Any suggestions?
--
Steven DuChene


_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
 
Proud partner. Susan G. Komen for the Cure.
 
Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------



More information about the Ale mailing list