Article delegate-en/3959 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3955@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: delegated reload very slow most of time.
22 Apr 2008 08:10:14 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


On 04/15/08(10:17) you "David Wang" <pomhqbdyi-ytjem43ngilr.ml@ml.delegate.org> wrote
in <002f01c89e96$86b263a0$94172ae0$@wang@firstwave.com.au>
 |Our version is 9.1.1, we are using it as proxy to access our http/https
 |server with permitted list. Each time when we add an IP address of our
 |clients into that permitted list file (most are IP address, few is
 |hostname), and reload/restart delegated, most time it takes several minutes,
 |sometimes more than 10 minutes to finish. I checked the log file, it seems
 |most time cost on gethostbyaddr, {R} SOA got for each IP address or
 |hostname. The details are below,
...
 |PERMIT=https:{127.0.0.1:8080}:+=permitted_clients.cfg
 |PERMIT=https:{xxx.xxx.xxx.xxx:8080}:+=permitted_clients.cfg
...
 |permitted_clients.cfg is our permitted access list file, which contains our
 |clients IP address or hostname (more than 95% are IP address). The log file
 |.../log/443 is:
...
 |04/15 10:30:35.02 [17431] 0+0: REMITTABLE = https
 |04/15 10:30:35.08 [17431] 0+0: {R} SOA got
 |[13.101.150.in-addr.arpa][ns2.on.net][hostmaster.adelaide.on.net] 2008031200
...
 |04/15 10:30:39.14 [17431] 0+0: gethostbyaddr(203.45.124.246) unknown[4.02s]
...
 |04/15 10:30:41.27 [17431] 0+0: gethostbyaddr(203.45.124.10) unknown[2.13s]
...
 |Could you please tell me how to fix it so as to reload the permitted access
 |list file more quickly?

DeleGate does not do reverse lookup of DNS for a host name or an IP address
in HostList when it is prefixed with "-", so your address list file should
be like follows:

-203.45.124.246
-203.45.124.10
...


<URL:http://www.delegate.org/delegate/Manual.htm#HostList>
  DISABLING NAME RESOLUTION ( -host )
    If a hostname (or a IP-address) is prefixed with "-" like "-hostname"
    ("-192.168.1.1"), then no name resolution (reverse resolution) will be
    tried for the hostname (IP-address). This will avoid wasting time in
    resolution trial for a never resolvable hostname (IP-address). 

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V