turning on recursion in bind 9.2.2 makes ssh login prompt slow

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Jan 16 13:14:11 UTC 2008


On Wed, Jan 16, 2008 at 07:57:50AM -0500,
 r37ribution at gmail.com <r37ribution at gmail.com> wrote 
 a message of 83 lines which said:

> every ssh connection hangs after you enter the user name when trying
> to log in to any box using this server for DNS.

Hypothesis: it tries a PTR lookup for address-to-name resolution and
times out. Without recursion, the lookup fails immediately, so there
is no delay.

I suggest to debug DNS with dig rather than with SSH :-) What does
"dig -x 209.85.137.83" say?

> Here is my named.conf:

I do not see the hints? How can the machine goes to the root (for
non-local zones) without it? (It is hardwired in recent BIND but I'm
not sure for 9.2.2.)

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};



More information about the bind-users mailing list