Slow connects due to out-of-context DNS lookup
Adrian Wilkins
adrian.wilkins at gmail.com
Thu Mar 2 00:41:38 AEDT 2017
OK, so my situation:

Connecting to internal machines via a bastion server in AWS.

Because I'm raising and tearing down the infrastructure a lot at this
stage with Terraform, the IP addresses change.

For the management subnet, I have a private DNS zone defined, and a
public zone with a record for the bastion server.

What I wanted: to just be able to define a config entry thus:
---
Host graylog
    Hostname graylog.management
    ProxyCommand ssh -q -W %h:%p user@jumpbox.my.aws.zone
---
This takes a long time (> 30s) to connect because the client is doing a
DNS lookup on the Hostname, which apparently has to fail before it
attempts to connect.

Add this to your /etc/hosts ...
---
127.0.0.1 graylog.management
---
... and connection is swift. This seems like a rather grody workaround,
because one day I may have a VPN server inside this cloud and want DNS
lookups to work properly.

Is there a way to suppress this DNS lookup happening locally, when using
ProxyCommand?

Is this in the same set of things being discussed at
http://marc.info/?l=openssh-unix-dev&m=139556798100796&w=2
and https://bugzilla.mindrot.org/show_bug.cgi?id=2218 ?

I don't have CanonicalizeHostName on, so what's doing the lookup?