
Re: client dns lookups, can they be disabled?



On Thu, Sep 19, 2002 at 10:49:55PM +1000, Geoff Swan wrote:
> Hi,
> 
> I have a system with slapd on a server with a known IP address. OpenLDAP 
> has been built with the rdns lookups disabled.
> 
> When I use ldapsearch (or any client which uses the openLDAP client 
> libraries) to perform a search on the database at this server (by 
> specifying the IP address of the server), the client appears to attempt 
> to perform a DNS lookup before the bind operation (an ethereal trace 
> shows this).
> 
> Is there any way to prevent this? It slows down the search considerably.

I've looked a bit at the code, and it will try to look up its own IP
address (at least if compiled with Kerberos, TLS or SASL it seems). You
should be able to avoid that by adding an entry in /etc/hosts. If you
specify the IP address of the server, at least Linux and FreeBSD have
getaddrinfo() implementations that will not make a DNS request.

With ethereal (or at least tcpdump) you can check what it tries to
look up. Is it an A record for something starting with your IP address,
is it an A record for your hostname, or is it something else?

Stig
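
The two checks suggested in the reply above, as an added example that is not part of the original message and is not OpenLDAP code: `is_numeric_host()` uses the POSIX `AI_NUMERICHOST` flag, which stops getaddrinfo() from invoking any name resolution service, and `hosts_text_has_name()` checks whether a hostname has an entry in hosts-file text. Both function names and the sample hosts text are constructed for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* getaddrinfo(), strtok_r() */
#endif
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <sys/socket.h>

/* Returns 1 if host is an IPv4/IPv6 literal. AI_NUMERICHOST forbids any
 * name-service lookup, so this call never generates DNS traffic. */
int is_numeric_host(const char *host)
{
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_flags = AI_NUMERICHOST;
    if (getaddrinfo(host, NULL, &hints, &res) != 0)
        return 0;                       /* a name: resolving it needs hosts/DNS */
    freeaddrinfo(res);
    return 1;
}

/* Returns 1 if name is a hostname or alias in hosts-file text (hypothetical helper). */
int hosts_text_has_name(const char *text, const char *name)
{
    char line[512];
    while (*text) {
        size_t n = strcspn(text, "\n");
        size_t c = n < sizeof line - 1 ? n : sizeof line - 1;
        memcpy(line, text, c);
        line[c] = '\0';
        text += n + (text[n] == '\n');
        line[strcspn(line, "#")] = '\0';              /* strip comments */
        char *save = NULL;
        char *tok = strtok_r(line, " \t\r", &save);   /* first field: address */
        while (tok && (tok = strtok_r(NULL, " \t\r", &save)))
            if (strcasecmp(tok, name) == 0)
                return 1;
    }
    return 0;
}

int main(void)
{
    const char *sample = "127.0.0.1 localhost\n192.0.2.20 client1\n"; /* constructed */
    printf("%d %d\n", is_numeric_host("192.0.2.10"), hosts_text_has_name(sample, "client1"));
    return 0;
}
```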