List:General Discussion« Previous MessageNext Message »
From:Tuc at T-B-O-H Date:September 1 2005 3:24pm
Subject:Re: Connections with bad DNS cause lockups
View as plain text  
Hi,

	(Lets not get into top/bottom/mixed post discussions. :) )

	I'm not sure why putting in hosts would make a difference.
Doesn't the --skip-name-resolve bypass any sort of name resolution,
be it /etc/hosts or resolver? Or are you telling me to change 
nsswitch.conf from "hosts: files dns" to just "hosts: files"?
Would be a SLIM possibility, if this wasn't a machine that didn't
only do MySQL and other things in my TCPWrappers (/etc/hosts.allow)
did partial domain matching for clients.

			Thanks, Tuc
> 
> 
> (please, either top-post or bottom-post but don't mix it up)
> 
> One way to bypass a broken DNS server is to create complete HOSTS files on 
> your servers. That way you can keep using your hostnames but avoid the 
> problems of actual DNS server negotiations going sour as all hostname to 
> IP address translations are handled locally. This is especially useful for 
> resolving internal names for resources that rarely change addresses (like 
> servers and most users). Then, the only names that pose a risk would be 
> those not on the list.
> 
> It's not a perfect solution but it may keep you going until MySQL can 
> figure out something better to deal with misbehaving DNS servers.
> 
> Shawn Green
> Database Administrator
> Unimin Corporation - Spruce Pine
> 
> Tuc at T-B-O-H <ml@stripped> wrote on 09/01/2005 10:56:24 AM:
> 
> > > 
> > > Hello.
> > > 
> > > Have a look here:
> > >   http://dev.mysql.com/doc/mysql/en/dns.html
> > > 
> > > You may want to start mysqld with the --skip-name-resolve option.
> > >
> > Hi,
> > 
> > 
> >    Thanks for the reply.  I did see that page before, but
> > I guess my bigger question is why if the DNS is broken/slow, why
> > does the entire server come to a COMPLETE halt, no commands can
> > be done via either TCP *OR* the socket.  If it just errored, that
> > session took forever, whatever... I could understand. The problem
> > is that when it gets probed, it COMPLETELY offlines (DOS) the server.
> > And just *1* connection!
> > 
> >    Just also seems difficult to keep proper documentation if
> > we are using IPs and not complete hostnames.
> > 
> > 
> >       Thanks, Tuc
> > > 
> > > Tuc at T-B-O-H <ml@stripped> wrote:
> > > > Hi,
> > > > 
> > > >        We seem to be running into a problem with our 
> > > > installation that we don't understand.
> > > > 
> > > >        We are running "mysql-server-4.0.25" from
> > > > the ports collection on a FreeBSD 5.3-RELEASE-p10
> > > > machine. Its tcpwrapper'd to only allow from our
> > > > /24, and a single machine outside the /24.
> > > > 
> > > >        At times, all of a sudden the server seems
> > > > to "freeze". It appears that we've narrowed it down
> > > > to an issue with people attacking the server that
> > > > come from a site that has a bad reverse DNS setup.
> > > > 
> > > >        Has anyone else seen this, or knows how
> > > > to stop it?
> > > > 
> > > >                Thanks, Tuc

Thread
Connections with bad DNS cause lockupsTuc at T-B-O-H30 Aug
  • Re: Connections with bad DNS cause lockupsGleb Paharenko31 Aug
    • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H1 Sep
      • Re: Connections with bad DNS cause lockupsSGreen1 Sep
        • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H1 Sep
          • Re: Connections with bad DNS cause lockupsSGreen1 Sep
            • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H1 Sep
      • Re: Connections with bad DNS cause lockupsGleb Paharenko2 Sep
        • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H2 Sep
          • Re: Connections with bad DNS cause lockupsGleb Paharenko3 Sep
            • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H3 Sep
              • Re: Connections with bad DNS cause lockupsGleb Paharenko3 Sep
                • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H3 Sep
                  • Re: Connections with bad DNS cause lockupsGleb Paharenko5 Sep
                    • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H5 Sep
                      • Re: Connections with bad DNS cause lockupsGleb Paharenko5 Sep
                        • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H5 Sep
                    • Re: Connections with bad DNS cause lockupsTuc at T-B-O-H14 Sep