Hitchhiker's Guide to Openbsd
- Does OpenBSD support any journaling filesystems?
Download 1.27 Mb. Pdf ko'rish
|
obsd-faq49
- Bu sahifa navigatsiya:
- An example of this situation
- What is going on
|
8.21 - Does OpenBSD support any journaling filesystems?
No it doesn't. We use a different mechanism to achieve similar results called Soft Updates. Please read FAQ 14 - Soft Updates to get more details. 8.22 - Reverse DNS - or - Why is it taking so long for me to log in? Many new users to OpenBSD experience a two minute login delay when using services such as ssh or ftp . This can also be experienced when using a proxy, such as ftp-proxy , or when sending mail out from a workstation through sendmail . This is almost always due to a reverse-DNS problem. DNS is Domain Name Services, the system the Internet uses to convert a name, such as "www.openbsd.org" into a numeric IP address. Another task of DNS is the ability to take a numeric address and convert it back to a "name", this is "Reverse DNS". In order to provide better logging, OpenBSD performs a reverse-DNS lookup on any machine that attaches to it in many different ways, including ssh , ftp , sendmail , or ftp-proxy . Unfortunately, in some cases, the machine that is making the connection does not have a proper reverse DNS entry. An example of this situation: A user sets up an OpenBSD box as a firewall and gateway to their internal home network, mapping all their internal computers to one external IP using NAT . They may also use it as an outbound mail relay. They follow the installation guidelines, and are very happy with the results, except for one thing -- every time they try to attach to the box in any way, they end up with a two minute delay before things happen. What is going on: From a workstation behind the NAT of the gateway with an unregistered IP address of 192.168.1.35, the user uses ssh to access the gateway system. The ssh client prompts for username and password, and sends them to the gateway box. The gateway then tries to figure out who is trying to log in by performing a reverse DNS lookup of 192.168.1.35. The problem is 192.168.0.0 addresses are for private use, so a properly configured DNS server outside your network knows it should have no information about those addresses. Some will quickly return an error message, in these cases, OpenBSD will assume there is no more information to be gained, and it will quickly give up and just admit the user. Other DNS http://www.openbsd.org/faq/faq8.html (16 of 20)9/4/2011 10:02:10 AM 8 - General Questions servers will not return ANY response. In this case you will find yourself waiting for the OpenBSD name resolver to time out, which takes about two minutes before the login will be permitted to continue. In the case of ftp-proxy , some ftp clients will timeout before the reverse DNS query times out, leading to the impression that ftp-proxy isn't working. This can be quite annoying. Fortunately, it is an easy thing to fix. Download 1.27 Mb. Do'stlaringiz bilan baham: 
|