[avahi] problem with nss_mdns4 doing long timeouts looking up dotted decimals

Norman Ramsey nr at eecs.harvard.edu
Fri Mar 23 13:08:49 PDT 2007


 > On Sat, 10.03.07 12:20, Norman Ramsey (nr at eecs.harvard.edu) wrote:
 > 
 > > With a recent update, it now takes me 10 or 15 seconds to do any operation
 > > involving ssh.  Using strace, I believe I've tracked the problem 
 > > to avahi's lair.  Here's a fragment of an strace: the NSS opens
 > > libnss_mdns4, which connects to an avahi-daemon socket and asks it to
 > > resolve a dotted-decimal address.  It takes 5 seconds to time out
 > > (i.e., it takes 5 seconds for the read() to complete).  For reasons I
 > > don't understand, ssh does this lookup *twice* to make a connection.
 > > Result: every little remote cvs operation comes with a 10-second
 > > delay.  This is driving me crazy; can anyone think of a workaround?
 > 
 > If nsswitch.conf is configured correctly (and yours appears to be),
 > this timeout should only happen if no DNS reverse name is configured
 > for that IP address, and neither a mDNS reverse name.

Very odd.  There is a DNS server built into my firewall and this is
probably causing the problem.

 > There are several ways to work around this:
 > 
 > 1) Remove the final "mdns4" from the nsswitch.conf line. This will
 >    disable reverse mDNS lookups for all IP addresses outside the
 >    169.254.0.0/16 range. 

If I remove mdns4, will the earlier mdns4_minimal be sufficient to
identify hosts in the .local domain on the same LAN segment?

 > The current default behaviour does its best to avoid this timeout, by
 > putting the DNS lookups first, but you're still bitten because your
 > DNS doesn't include proper mappings for this IP address.

Yes.  I blame Bill Gates (the firewall is made by Microsoft).


Thanks so much for the workarounds!


Norman
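
Workaround 1 from the quoted reply, as an added example that is not part of the original message or of nss-mdns: a Python helper that drops the plain `mdns4` service from the `hosts:` line of nsswitch.conf text while leaving `mdns4_minimal` and any bracketed actions in place. The sample file content and the function names are constructed for illustration; the thread does not show the poster's actual file.

```python
import re

# Constructed sample; not the poster's real configuration.
SAMPLE = """\
# /etc/nsswitch.conf (constructed sample)
passwd: compat
hosts:  files mdns4_minimal [NOTFOUND=return] dns mdns4   # trailing comment
"""


def split_sources(spec):
    """Split a hosts spec into (service, [action, ...]) pairs."""
    pairs = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", spec):
        if tok.startswith("["):
            if pairs:  # a bracketed action binds to the preceding service
                pairs[-1][1].append(tok)
        else:
            pairs.append((tok, []))
    return pairs


def drop_service(conf_text, service="mdns4"):
    """Return (new_text, removed) with `service` dropped from the hosts line only."""
    out, removed = [], False
    for line in conf_text.splitlines():
        body, sep, comment = line.partition("#")
        m = re.match(r"^(\s*hosts\s*:\s*)(.*?)\s*$", body)
        if not m:
            out.append(line)  # other databases and comment lines pass through
            continue
        sources = split_sources(m.group(2))
        # Exact match on the service name, so mdns4_minimal is kept.
        kept = [(s, a) for s, a in sources if s != service]
        removed = removed or len(kept) != len(sources)
        spec = " ".join(" ".join([s] + a) for s, a in kept)
        out.append(m.group(1) + spec + ("  " + sep + comment if sep else ""))
    return "\n".join(out) + "\n", removed


if __name__ == "__main__":
    new_text, changed = drop_service(SAMPLE)
    print(new_text, end="")
    print("mdns4 removed:", changed)
```
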

