Apache double reverse dns lookups|
Posted October 29, 2011
%h is putting DNS names instead of IP addresses in your Apache access logs (or perhaps you just notice that requests from clients whose DNS is broken are very slow), check:
HostnameLookups Off in your server config files.
REMOTE_HOST in any
Allow from name or
Deny from name in your server config or .htaccess files. Stick to IP addresses, IP subnets, and "all". In particular, Apache treats "none" as a DNS name, not a magic word like "all".
- No non-numeric hosts in your mod_bw configuration. This includes "localhost". Stick to IP addresses and subnets.
The last two are the only ones I've found that do double reverse lookups (i.e., look up PTR for IP address, then look up A for the resulting name). The PTR lookup is the most common thing that ISPs do wrong, but today it was the A lookup causing trouble.
20:50:47.469751 IP 22.214.171.124.5853 > 126.96.36.199.53: 33618 A? d75-157-82-254.bchsia.telus.net. (49)
20:50:47.571669 IP 188.8.131.52.53 > 184.108.40.206.5853: 33618 ServFail- 0/0/0 (49)