turning on recursion in bind 9.2.2 makes ssh login prompt slow

r37ribution at gmail.com r37ribution at gmail.com
Fri Jan 18 17:53:54 UTC 2008


You're correct; the initial configuration was with recursion disabled because
it was not needed.
The reason I need recursion enabled is that we are adding a sub-zone to
the primary DNS server's zone file for an Isilon node array with 6 GbE
ports. I needed round-robining enabled so that each FTP connection using the
DNS name of the array will round robin the 6 GbE ports. Isilon requires that
they manage the round-robining, which is why I couldn't just put 6 different
IPs with the same host name in my zone file. This is a Comcast VOD
system and the array is an archive used for MPEG2 content ingestion, so we
need all the BW we can get. Prior to the DNS reconfiguration we were only
using 1 of the GbE ports and it was maxing it out; this should speed up
ingestion tremendously.

On Jan 17, 2008 10:14 AM, Jack Tavares <j.tavares at f5.com> wrote:

>  never mind. I had it backwards.
>
>
> ------------------------------
> *From:* bind-users-bounce at isc.org on behalf of Jack Tavares
> *Sent:* Thu 1/17/2008 3:27 PM
> *To:* r37ribution at gmail.com; bind9-users at isc.org
> *Subject:* RE: turning on recursion in bind 9.2.2 makes ssh login prompt
> slow
>
>   I see that your problem has already been solved but
> I have a question:
>
> If this server is on an independent network, and cannot reach
> the root servers and you have no forwarding or slave zones
> (in the named.conf)
> why do you need recursion in the first place?
> ________________________________
>
> From: bind-users-bounce at isc.org on behalf of r37ribution at gmail.com
> Sent: Wed 1/16/2008 2:57 PM
> To: bind9-users at isc.org
> Subject: turning on recursion in bind 9.2.2 makes ssh login prompt slow
>
>
>
> Alright this is really strange but every time I turn on recursion in
> named.conf every ssh connection hangs after you enter the user name when
> trying to log in to any box using this server for DNS. After about 30sec to
> 1min the password prompt comes up and the ssh connection runs fine after
> that.
>
>
> Here is my named.conf:
>
> // BIND Version 9 configuration file.
> //
> options {
>        directory           "/var/opt/dnsfiles";
>        dump-file           "/var/opt/dnsfiles/tmp/named_dump.db";
>        pid-file            "/usr/local/run/named.pid";
>        // version statement for security to avoid hacking known weaknesses
>        version "not currently available";
>        recursion yes;
> };
>
> include "/etc/rndc.key";
>
> controls {
>        inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; };
> };
>
> zone "bms.n2bb.com" in {
>        type master;
>        file "db.bms.n2bb.com";
>        // to allow slave transfers, add slave ips in place of 'none'
>        allow-transfer { any; };
> };
>
> zone "1.84.168.in-addr.arpa" in {
>        type master;
>        file "db.168.84.1";
>        // to allow slave transfers, add slave ips in place of 'none'
>        allow-transfer { any; };
> };
>
> zone "localhost" in {
>        type master;
>        file "localhost.zone";
> };
>
> zone "0.0.127.in-addr.arpa" in {
>        type master;
>        file "named.local";
> };
>
>
>
> Any help is greatly appreciated.