How to mitigate the issue where this a long delay when logging in via SSH or console.
When an SSH session is initiated to a linux box, the SSH server tries to perform a lookup on the client’s IP; in certain situations this is not going to be possible, e.g.:
- the configured DNS server is offline
- the firewall / smartcentre cannot talk to the configured DNS because of a policy
- the external internet connection is down etc.etc.
This DNS timeout manifests itself as an incredibly long delay for the user trying to log in – fortunately there is a very quick fix for this:
- delete the nameservers entirely!
- configure nameservers that the machine is able to reach
- use internal nameservers if your internet connection is flaky
This is the case for all Checkpoint linux-based machines as well as IPSO and Gaia.
