[Info-vax] Telnet DNS Problem (OpenVMS 8.4, Itanium)

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Thu Feb 18 12:47:23 EST 2016 

On 2016-02-18 17:25:52 +0000, serfsmith at gmail.com said:

> On Thursday, February 18, 2016 at 5:18:32 PM UTC+2, Stephen Hoffman wrote:
> 
>> Would take a few minutes to fire up a private DNS server on a plug or
>> some old x86 box or on a Mac with Server.app loaded, aim OpenVMS at
>> that, and that won't effect the rest of the environment at all.
> 
> Nope, won't work; once again, TELNET insists on trying to connect to 
> the same server (i.e., to the IP address assigned to IE0 in this case) 
> to do reverse lookups; here's the TCPDUMP when trying to connect:

Telnet should only be connecting to the host(s) that are configured as 
the DNS servers or DNS resolvers.

If your OpenVMS DNS configuration is correct — and given what's 
obfuscated and what's potentially incorrectly configured? — then that 
connect-to-self is a bug, and it's only going to be resolved with an 
alternate telnet client (or whatever is initiating that reverse 
translation), or a fix from HPE.

>> Probably also brute-force it by entering your entire DHCP range into 
>> TCPIP> SET HOST, too.   OpenVMS won't ask the DNS server, if it has the 
>>  equivalent in the OpenVMS version of an /etc/hosts entry.
> 
> I've considered that - horrible kludge though.

With a busted DNS server configuration that'll take a month or two to 
sort out, you're worried about kludges?

If y'all would like to start this over again without obfuscated data, I 
can send you the commands to verify that the local DNS operations are 
correct.

But if local DNS services are hosed, then your choices are to insert 
your own DNS server into the DNS connection or to use SET HOST, or to 
fix DNS services, patch or replace the telnet client (if that's what is 
triggering the lookup, and not some other component of TCP/IP Services 
doing the reverse lookup secondary to — probably — accounting), or to 
live with the timeouts.  HPE might be willing to provide a way to 
defeat the reverse lookup for logging (whether for performance or other 
reasons), but they're probably going to be disinclined to change 
OpenVMS to work around an invalid DNS services configuration.



-- 
Pure Personal Opinion | HoffmanLabs LLC

More information about the Info-vax mailing list