Reverse DNS Lookups on afp://dot addresses?
Reverse DNS Lookups on afp://dot addresses?
- Subject: Reverse DNS Lookups on afp://dot addresses?
- From: Jeffrey Johnson <email@hidden>
- Date: Fri, 8 Mar 2002 08:32:51 -0500
Wer're trying to work out how our app might do distributed processing
for a future version. While upgrading boxes to 10.1.3, we (along with
lots of others) have noticed it's taking an interminably long time to
get login dialogs for AFP mounted volumes. (We may not recommend
AFP-mounted servers, but we want to test it anyway).
Out test area is NATed behind a Netgear RO318 switch, with each
machine having a manually assigned 192.168 address. There are Netinfo
"machine" entries (ip_address,name) on all the boxes for all the
other hosts behind the switch. The DNS is our ISP (non-NAT side of
the switch).
When we specify "afp://192.168.0.2" from host "foo" under Go->Connect
To Server->Address, we're seeing attempts to "qualify" the dot
address like the following:
userSelectedURL is afp://192.168.0.2
Mar 2 08:32:16 foo lookupd[199]: DNSAgent: dns_send_query_server -
timeout for <ISP DNS>
Mar 2 08:32:36 foo last message repeated 2 times
Mar 2 08:32:36 foo lookupd[199]: DNSAgent: dns_fqdn_query_server -
query failed for <ISP DNS>
Mar 2 08:32:50 foo lookupd[199]: DNSAgent: dns_send_query_server -
timeout for <ISP DNS>
Mar 2 08:32:10 foo last message repeated 2 times
Mar 2 08:32:10 foo lookupd[199]: DNSAgent: dns_fqdn_query_server -
query failed for <ISP DNS>
We're finally presented with an authentication dialog from
192.168.0.2 after a little more than a minute (sometimes longer). A
minute is a long time to be locked out of the Finder, watching the
Spinning Wheel Of Death :-/.
It looks like a reverse name lookup is being attempted to our DNS
outside the NAT area. Of course, there aren't any entries for these
addresses in an outside DNS, since they're private. Checking older
(10.1.2) boxes, it looks like this has been happening for a while,
but apparently 10.1.3 increased the timeout value to the point the
delay passes the pain threshhold.
-Why are these reverse name lookups being attemped
a) at all when a dot address is supplied?
b) on private/non-routable addresses?
- Why isn't lookupd/NetInfo checking the local Netinfo DB or a hosts
file first to resolve these? (and do we have to set up both, even
though the hosts file seems to be ignored on X?).
- If it should be and we've set up NetInfo incorrectly, *Where are
the elusive docs* for NetInfo so we might figure out where we've gone
wrong, and where we can point our users when we roll out this
feature? If all the familiar Unix services have been co-opted by
NetInfo, somebody needs to publish a F-M so we can R it. :-).
Out test area was designed to mimic how a lot of home users set up a
home network behind a DSL/cable modem (sharing a single address
through NAT/ private machines not in a DNS /simple file sharing), and
I'd expect a lot of angry users with torches and pitchforks at the
gates in Cupertino soon unless a KBase article or Tech Note comes out
:-).
--
Thanks
Jeffrey Johnson
Macintosh Development
Wavefunction, Inc.
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.