On Wed, Oct 28, 2009 at 6:16 PM, Eric Shubert wrote: > Steven A. DuChene wrote: > > I am working on a project with 50 - 70 servers in the AT&T data center > > on University. They have either RHEL5U3 or CentOS5U3 on the systems. > > I have DNS configured with the normal bind 9 packages that come with > > CentOS5U3. My problem is when using ssh to get between the systems > > if i use the short name for a system it takes a long time to get to > > a shell prompt on the remote system. If I use the fully qualified > > domain name or the IP address of I use a "-4" with the short name > > I get to a shell prompt immediately. So to illustrate: > > > > root@adm # ssh new75 > > > > takes a LONG time to get shell prompt. > > > > Any of the following get me a shell prompt almost immediately: > > > > root@adm # ssh -4 new75 > > > > root@adm # ssh new75.wholedomain.here > > > > root@adm # ssh 10.4.5.6 (IP address of new75 system) > > > > Since the "-4" option seems to have a positive effect I have gone > > to each system and made sure the IPv6 kernel modules are not loaded > > and the network file in /etc/sysconfig/ has the following line in > > it: > > > > NETWORKING_IPV6=no > > > > but that made little or no difference to the problem. The lines > > I added to the /etc/modprobe.conf file look like this: > > > > alias net-pf-10 off > > alias ipv6 off > > > > I believe it some strange interaction problem between IPv6 and DNS > > but I do not have a clear plan on what to try next. > > > > Any suggestions? > > -- > > Steven DuChene > > > > > > > http://forums.cpanel.net/f5/rh-5-4-update-bind-named-network-unreachable-resolving-ipv6-129889.html > ? > > -- > -Eric 'shubes' > > Aggressive WorkAround: Turn off IPV6 completely: Is the kernel IPV6 module loaded? # lsmod | grep ipv6 Disable anything that depends on ipv6. NOTE: You should not allow ipv6 to traverse your bastion ingress firewall ACL, or filter before this machine, since turning off ip6tables could be a security risk: # chkconfig ip6tables off Save the following line in a file in /etc/modprobe.d/ directory: install ipv6 /bin/true Reboot is required here! Then blacklist the module; it will still load, but it will not work other than invoke /bin/true so modules that call it still work. # blacklist ipv6 Be sure networking does not call ipv6: Edit /etc/sysconfig/network-scripts/ifcfg-eth0 IPV6INIT=no IPV6_AUTOCONF=no Finally, you can safely remove the following option from the /etc/sysconfig/network file, if it exists: NETWORKING_IPV6=no REF: http://fedoraproject.org/wiki/IPv6Guide -- Skype: (623)239-3392 AT&T: (503)754-4452 www.obnosis.com