[avahi] problem with nss_mdns4 doing long timesouts looking up dotted decimals

Lennart Poettering lennart at poettering.net
Thu Mar 15 16:18:47 PDT 2007

On Sat, 10.03.07 12:20, Norman Ramsey (nr at eecs.harvard.edu) wrote:

> With a recent update, it now takes me 10 or 15 seconds to do any opeation
> involving ssh.  Using strace, I believe I've tracked the problem 
> to avahi's lair.  Here's a fragment of an strace: the NSS opens
> libness_mdns4, which connects to an avahi-daemon socket and asks it to
> resolve a dotted-decimal address.  It takes 5 seconds to time out
> (i.e., it takes 5 seconds for the read() to complete).  For reasons I
> don't understand, ssh does this lookup *twice* to make a connection.
> Result: every little remote cvs operation comes with a 10-second
> delay.  This is driving me crazy; can anyone think of a workaround?

If nsswitch.conf is configured correctly (and yours appears to be),
this timeout should only happen if no DNS reverse name is configured
for that IP address, and neither a mDNS reverse name.

There are several way to work around this:

1) Remove the final "mdns4" from the nsswitch.conf line. This will
   disable reverse mDNS lookups for all IP addresses outside the range. 

2) Modify your DNS server to include mappings for this specific IP

3) Do the same locally, in /etc/hosts

4) Install avahi on the respective host - if it is connected to the
   same LAN segment.

The current default behaviour does its best to avoid this timeout, by
putting the DNS lookups first, but you're still bitten because your
DNS doesn't include proper mappings for this IP address.


Lennart Poettering; lennart [at] poettering [dot] net
ICQ# 11060553; GPG 0x1A015CC4; http://0pointer.net/lennart/

More information about the avahi mailing list