1 |
> When I do ssh google.com the process hangs until I kill it, |
2 |
|
3 |
Its probably just retrying.. |
4 |
adam@sphinx ~ $ cat /proc/sys/net/ipv4/tcp_syn_retries |
5 |
5 |
6 |
|
7 |
...five times because google's firewall is dropping it (so not |
8 |
resetting the connection), and IIRC the timeout at each retry |
9 |
increases (doubles?) so it takes a long time. |
10 |
|
11 |
> but it does |
12 |
> find the right IP address. Along the way it checks /etc/gai.conf, which |
13 |
> is installed by glibc and is used by the getaddrinfo(3) system call. |
14 |
> |
15 |
> My gai.conf has only three uncommented lines: |
16 |
> |
17 |
> scopev4 ::ffff:169.254.0.0/112 2 |
18 |
> scopev4 ::ffff:127.0.0.0/104 2 |
19 |
> scopev4 ::ffff:0.0.0.0/96 14 |
20 |
> |
21 |
> Of course, lots of other files are consulted, as already mentioned in |
22 |
> this thread. I mention gai.conf only because I'd never heard of it |
23 |
> until I ran strace on ssh just now. |
24 |
|
25 |
Never heard of that file either. Interestingly ping and host dont seem |
26 |
to read it. |
27 |
adam@sphinx ~ $ strace ping google.com 2>&1 | grep gai.conf |
28 |
adam@sphinx ~ $ strace host google.com 2>&1 | grep gai.conf |
29 |
adam@sphinx ~ $ strace ssh google.com 2>&1 | grep gai.conf |
30 |
open("/etc/gai.conf", O_RDONLY) = 3 |
31 |
^C |
32 |
|
33 |
And that's because they're not using getaddrinfo (if grepping strace |
34 |
output is a valid test....) |
35 |
|
36 |
It makes sense that host wouldn't use it, and it is supposed to just |
37 |
use DNS not query through the resolution options listed in |
38 |
nsswtich.conf. I have NFI why ping isnt using it.... |