On Thu, 2004-06-10 at 16:12, John Murphy wrote:
> Whenever my FreeBSD-5.2.1 gateway loses its connection to
> the ISP it takes much longer to establish an ssh session to
> it from the LAN side.
> I can live with the delay (not sure I can live with the ISP)
> but I wonder what's happening.

It's probably DNS.

Run "tcpdump port 53" while the modem is off, and things will probably
be clearer.

sshd uses tcpwrappers, so it'll do a reverse lookup on the IP of the
client and then a forward lookup of the result (to make sure it

> Also sendmail fails to accept and queue email from clients
> and browsers can't convert addresses even though Bind is
> running as a caching only name server.

Does it have the relevant info cached?   

Does /etc/resolv.conf point at that nameserver?

Note that if it's RFC1918 space (i.e., 10/8 etc) then your caching bind
will cache a negative answer for (by default, I think) 10 minutes, so 10
minutes after the link dies the cache is irrelevant - bind will try and
query blackhole-{1,2} for the data and after a long time

If it is DNS, it'll be worth configuring bind to slave the relevant
zones from the authoritative sources, or be a master for the RFC1918
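
The reverse-then-forward lookup mentioned in the reply, as an added example that is not part of the original message and is not tcpwrappers' own code: a forward-confirmed reverse DNS check with injectable resolvers, timed so the cost of an unanswered lookup is visible. The function names, hostnames and addresses are constructed for illustration.

```python
import socket
import time

def paranoid_check(client_ip, reverse=None, forward=None):
    """Reverse-resolve client_ip, forward-resolve the result, compare.

    Returns (verdict, hostname, seconds). The resolver callables are
    injectable so the logic can be exercised without a network.
    """
    reverse = reverse or (lambda ip: socket.gethostbyaddr(ip)[0])
    forward = forward or (lambda name: socket.gethostbyname_ex(name)[2])
    start = time.monotonic()
    name = None
    try:
        name = reverse(client_ip)      # PTR lookup
        addrs = forward(name)          # A lookup on the PTR result
        verdict = "match" if client_ip in addrs else "mismatch"
    except OSError:                    # herror, gaierror, timeout derive from OSError
        verdict = "no-ptr" if name is None else "no-forward"
    return verdict, name, time.monotonic() - start

# Constructed sample data standing in for a LAN zone.
PTR = {"192.168.1.20": "laptop.lan.example", "192.168.1.30": "spoof.lan.example"}
A = {"laptop.lan.example": ["192.168.1.20"], "spoof.lan.example": ["192.168.1.99"]}

def fake_reverse(ip):
    if ip not in PTR:
        raise socket.herror(1, "Unknown host")
    return PTR[ip]

def fake_forward(name):
    if name not in A:
        raise socket.gaierror(socket.EAI_NONAME, "Name not known")
    return A[name]

def unreachable_reverse(ip, delay=0.05):
    """Simulates a resolver whose upstream is gone: wait, then fail."""
    time.sleep(delay)
    raise socket.timeout("no answer from upstream")

if __name__ == "__main__":
    for ip in ("192.168.1.20", "192.168.1.30", "192.168.1.40"):
        print(ip, paranoid_check(ip, fake_reverse, fake_forward))
    print("link down:", paranoid_check("192.168.1.20", unreachable_reverse, fake_forward))
```

Called with only an IP, the function uses the system resolver, so running it on the gateway with the link up and then down shows how long each connection waits on DNS.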

