PUzzling sshd behaviour
Jeremy Messenger
mezz7 at cox.net
Mon Sep 8 15:03:02 PDT 2003
On Mon, 8 Sep 2003 23:13:06 +0200, Andreas Klemm <andreas at freebsd.org>
wrote:
> On Mon, Sep 08, 2003 at 03:59:51PM -0500, Jeremy Messenger wrote:
>> My solution is to install and setup dnscache to do the local DNS cache.
>
> DNS cache sounds like it caches DNS records after a successfull
> DNS query, right ?
>
> The problem at my clients project was, that the DNS server
> a) wasn't reachable from time to time because they played
> around with a pix firewall in a cat6k
> b) these particular OOB IPs and the sun's IPs were not in
> DNS database
>
> So ... I assume a dns *cache* wouldn't have brought any better
> functionality. We still would have needed a functionality in
> sshd, to turn off reverse lookup entirely ...
> The suns have already been secured by firewalls so no real need
> for this reverse lookup feature.
I use tinydns and dnscache to do the local DNS, so I don't have to touch
the /etc/hosts anymore. The /etc/hosts is just pain in my ass. It solved
all of my SSH and other reverse lookup problems. Current, I have the split
horizon DNS[1] setup for the internal and external DNS queries separate.
[1] http://www.fefe.de/djbdns/#splithorizon
Great article about djbdns on FreeBSD can be found at
http://ezine.daemonnews.org/200210/ezdjbdns.html ..
Cheers,
Mezz
> Andreas ///
--
bsdforums.org 's moderator, mezz.
More information about the freebsd-hackers
mailing list