ssh / bind help?

Ed Greshko Ed.Greshko at greshko.com
Sun Aug 3 22:21:29 UTC 2008 

William Murray wrote:
>  Hello guys,
>               I have 5 machines in a home network, all running F9, with 
> named/bind providing local DNS.
> A couple of weeks ago a problem appeared: ssh hangs for internal  
> connections. No doubt
> I had misconfigured the thing years ago, as bind mystifies me, but an 
> update must have triggered it.
> 
> The problem is that reverse lookups hang forever; here is the end of 
> "ssh -vvv XXX"
> debug1: Next authentication method: gssapi-with-mic
> debug3: Trying to reverse map address 168.254.0.251.
> Note the 'dot' at the end.
> If I try nslookup 168.254.0.251 it works fine, but 168.254.0.251. does not.

Just curious....  Why do you want to use "168.254.0.251."  If you were to 
use a trailing . on IP addresses outside of your maps you'd find they 
wouldn't get resolved either.

$ host 64.236.24.12
12.24.236.64.in-addr.arpa domain name pointer www3.cnn.com.
$ host 64.236.24.12.
Host 64.236.24.12 not found: 3(NXDOMAIN)
$ host 64.236.24.12
12.24.236.64.in-addr.arpa domain name pointer www3.cnn.com.

So, just don't know what value adding the trailing . has for you or what you 
are expecting.

> 
> Can anyone suggest what I am doing wrong? Here is named.conf, in case 
> that helps.
> Thank you!
> 
> acl ashenden {
>    168.254.0.0/24;
> };
> 
> options {
>    allow-query {
>    168.254.0.0/24;
>    localhost;
> };
> 
> listen-on port 53 {
>         127.0.0.1;
>         ashenden;
> };
>    listen-on-v6 port 53 { ::1; };
>    directory     "/var/named";
>    dump-file     "/var/named/data/cache_dump.db";
>        statistics-file "/var/named/data/named_stats.txt";
>        memstatistics-file "/var/named/data/named_mem_stats.txt";
>      recursion yes;
> };
> 
> logging {
>        channel default_debug {
>                file "data/named.run";
>                severity dynamic;
>        };
> };
> 
> zone "0.254.168.in-addr.arpa." IN {
>    type master;
>    file "168.254.0_0.db";
> };
> zone "ashenden." IN {
>    type master;
>    file "ashenden_0.db";
> };
> zone "." IN {
>    type hint;
>    file "named.ca";
> };
> 
> include "/etc/named.rfc1912.zones";
> 


-- 
Xerox never comes up with anything original.

More information about the fedora-list mailing list