turning on recursion in bind 9.2.2 makes ssh login prompt slow

Jack Tavares j.tavares at F5.com
Thu Jan 17 15:14:51 UTC 2008


Never mind. I had it backwards.
 
________________________________

From: bind-users-bounce at isc.org on behalf of Jack Tavares
Sent: Thu 1/17/2008 3:27 PM
To: r37ribution at gmail.com; bind9-users at isc.org
Subject: RE: turning on recursion in bind 9.2.2 makes ssh login prompt slow



I see that your problem has already been solved, but
I have a question:

If this server is on an independent network and cannot reach
the root servers, and you have no forwarding or slave zones
(in the named.conf),
why do you need recursion in the first place?
________________________________

From: bind-users-bounce at isc.org on behalf of r37ribution at gmail.com
Sent: Wed 1/16/2008 2:57 PM
To: bind9-users at isc.org
Subject: turning on recursion in bind 9.2.2 makes ssh login prompt slow



Alright, this is really strange, but every time I turn on recursion in
named.conf, every ssh connection hangs after you enter the user name when
trying to log in to any box using this server for DNS. After about 30 sec to
1 min the password prompt comes up, and the ssh connection runs fine after
that.


Here is my named.conf:

// BIND Version 9 configuration file.
//
options {
        directory           "/var/opt/dnsfiles";
        dump-file           "/var/opt/dnsfiles/tmp/named_dump.db";
        pid-file            "/usr/local/run/named.pid";
        // version statement for security to avoid hacking known weaknesses
        version "not currently available";
        recursion yes;
};

include "/etc/rndc.key";

controls {
        inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; };
};

zone "bms.n2bb.com" in {
        type master;
        file "db.bms.n2bb.com";
        // to allow slave transfers, add slave ips in place of 'none'
        allow-transfer { any; };
};

zone "1.84.168.in-addr.arpa" in {
        type master;
        file "db.168.84.1";
        // to allow slave transfers, add slave ips in place of 'none'
        allow-transfer { any; };
};

zone "localhost" in {
        type master;
        file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "named.local";
};



Any help is greatly appreciated.











