| 1 |
> When I do ssh google.com the process hangs until I kill it, |
| 2 |
|
| 3 |
Its probably just retrying.. |
| 4 |
adam@sphinx ~ $ cat /proc/sys/net/ipv4/tcp_syn_retries |
| 5 |
5 |
| 6 |
|
| 7 |
...five times because google's firewall is dropping it (so not |
| 8 |
resetting the connection), and IIRC the timeout at each retry |
| 9 |
increases (doubles?) so it takes a long time. |
| 10 |
|
| 11 |
> but it does |
| 12 |
> find the right IP address. Along the way it checks /etc/gai.conf, which |
| 13 |
> is installed by glibc and is used by the getaddrinfo(3) system call. |
| 14 |
> |
| 15 |
> My gai.conf has only three uncommented lines: |
| 16 |
> |
| 17 |
> scopev4 ::ffff:169.254.0.0/112 2 |
| 18 |
> scopev4 ::ffff:127.0.0.0/104 2 |
| 19 |
> scopev4 ::ffff:0.0.0.0/96 14 |
| 20 |
> |
| 21 |
> Of course, lots of other files are consulted, as already mentioned in |
| 22 |
> this thread. I mention gai.conf only because I'd never heard of it |
| 23 |
> until I ran strace on ssh just now. |
| 24 |
|
| 25 |
Never heard of that file either. Interestingly ping and host dont seem |
| 26 |
to read it. |
| 27 |
adam@sphinx ~ $ strace ping google.com 2>&1 | grep gai.conf |
| 28 |
adam@sphinx ~ $ strace host google.com 2>&1 | grep gai.conf |
| 29 |
adam@sphinx ~ $ strace ssh google.com 2>&1 | grep gai.conf |
| 30 |
open("/etc/gai.conf", O_RDONLY) = 3 |
| 31 |
^C |
| 32 |
|
| 33 |
And that's because they're not using getaddrinfo (if grepping strace |
| 34 |
output is a valid test....) |
| 35 |
|
| 36 |
It makes sense that host wouldn't use it, and it is supposed to just |
| 37 |
use DNS not query through the resolution options listed in |
| 38 |
nsswtich.conf. I have NFI why ping isnt using it.... |
Archives