[Bug 65301] the enableLookups configuration is not fully active
https://bz.apache.org/bugzilla/show_bug.cgi?id=65301 Remy Maucherat changed: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #5 from Remy Maucherat --- Fixed RemoteIpValve to avoid using the local host name if not really needed. The change will be in 10.0.7, 9.0.47 and 8.5.67. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65301] the enableLookups configuration is not fully active
https://bz.apache.org/bugzilla/show_bug.cgi?id=65301 --- Comment #4 from wangmc --- thanks,You're right. when the system is configured with DNS, getLocalName will attempt to search for "hostname" using the native IP. This will also use the DNS service, which will occasionally result in a slow query if the system is not configured with DNS cache. You can get the "hostname" efficiently in the simpler way you mentioned, without the DNS query. now I have circumvented this problem by installing the NSCD service. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65301] the enableLookups configuration is not fully active
https://bz.apache.org/bugzilla/show_bug.cgi?id=65301 --- Comment #3 from Remy Maucherat --- As it is right now, the enableLookups flags documentation is accurate: "Set to true if you want calls to request.getRemoteHost() to perform DNS lookups in order to return the actual host name of the remote client. Set to false to skip the DNS lookup and return the IP address in String form instead (thereby improving performance). By default, DNS lookups are disabled." As a result, I think the current behavior of the flag should not be changed. If the local name lookup is really a problem, then a new flag can be introduced. Reading the RemoteIpValve code, saving and restoring the localName is not needed if isChangeLocalName() is false (the default value). Since this has a cost, it's an easy enhancement that I'll do. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65301] the enableLookups configuration is not fully active
https://bz.apache.org/bugzilla/show_bug.cgi?id=65301 --- Comment #2 from wangmc --- on my service dns is a must. so I disabled Lookups(default is false) in "server.xml".but in my code used RemoteIpValve class, the methord getLocalName does not on the controll of the "enableLookups=false",this methord alawys do dnslockup.This is not what I expected and It's also an imperfect judgment. so one way I must deprecated to use RemoteIpValve ,one way disable DNS at the system level and edit hosts to suport needed dns. I expect the configuration(enableLookups) to be consistent,It's more rigorous. thanks -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 65301] the enableLookups configuration is not fully active
https://bz.apache.org/bugzilla/show_bug.cgi?id=65301 --- Comment #1 from Remy Maucherat --- Created attachment 37858 --> https://bz.apache.org/bugzilla/attachment.cgi?id=37858=edit Patch This can be fixed easily, *but* there's a problem. Most often (= always) DNS lookup must be disabled, so then the actual local name is not available anymore. The actual local name could be used a lot more in user code than the remote host name (which if needed is probably coded with DNS resolution) and as a result it could break existing apps. I don't understand why your local name lookup would be so slow. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
