Shulou(Shulou.com)06/03 Report--

Hundreds of millions of cloud servers cooperate directly with top computer rooms in many countries around the world to provide servers from Hong Kong, the United States, Japan and other countries and regions. If you need them, please contact the official customer service. High-quality server rental!

When we connect to apache, ssh,mysql "target=" _ blank "href=" http://undefined">mysql and other servers, if the connection is too slow, it may be due to the reverse query of dns "target=" _ blank "href=" http://undefined">dns. Some netizens have this situation: the situation is that ssh, ftp and so on have to enter the account password to log in, and only wait 30 seconds after entering the password, which is said to be the time for DNS to reverse parse timeout.

Why do you need reverse resolution of domain names? Because to prevent fake IP to connect to the server, parse the IP into a domain name to improve the installation, to see if the IP is a forgery, this is one of the functions of dns reverse query.

If the connection is too slow after turning on the reverse resolution function of the server such as apache,ssh,mysql. There are two solutions:

It is necessary to set up your own dns parsing or change the hosts file to turn off the service's dns reverse parsing function.

Let's start with the second method, which is the simplest, but after turning off dns reverse parsing, we can't stop the fake IP login.

First, turn off the reverse parsing of mysql,ssh

Find / etc/mysql/my.cnf add under the [mysqld] tag: skip-name-resolve does not resolve the IP address to the host name; all the checks related to access control (mysql.user data table) are marched through the IP address skip-host-cache does not use the cache area to store the corresponding relationship between the host name and the IP address, and then save / etc/init.d/mysql restart restart mysql.

Attached is ssh's:

Cancel dns reverse parsing of sshd service # vi / etc/ssh/sshd_config find option UseDNS, uncomment, and change to UseDNS no restart sshd service / etc/init.d/sshd restart

Second, construct your own dns server and add the domain name of the known server.

This is because these records require dns parsing (the program requires PTR reverse parsing, that is, the mapping from IP to domain name, which is mainly used to verify whether the IP is a valid IP). The solution is as follows:

Method 1: write the commonly used IP address to the hosts file, and then check / etc/nsswitch.conf to see if the program queries the hosts file first (this is generally the default)

Method 2: start a dns server (which can be native), add reverse parsing, and add the dns server to / etc/resolv.conf. Examples are as follows:

/ * reverse mapping** * * / zone "0.0.127.in-addr.arpa" in {type master Notify no; file "named.local"; allow-update {"none";}; zone "20.172.in-addr.arpa" in {type master; file "master/20.172";}; zone "168.192.in-addr.arpa" in {type master; file "master/168.192";}; zone "16.172.in-addr.arpa" in {type master File "master/16.172";}; zone "17.172.in-addr.arpa" in {type master; file "master/17.172";}

For more technical articles related to Apache, please visit the Apache tutorial column to learn!

These are the details of how apache shuts down the reverse parsing of ssh, please pay attention to other related articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.