Menu
▾
▴
#50 startup delayed with many entries in known_host_identities
if your DNS server is unavailable when you start HIP (e.g. entries in /etc/resolv.conf are unreachable) then startup may take a very long time as the known_host_identities.xml file is loaded. HIP will not be initialized yet and initiators will get ICMP protocol unreachable while this DNS lookup delay is underway...
this is due to the call to getaddrinfo() in add_addresses_from_dns() protocol/hip_util.c
long-term solution may be do provide address locking and spin off threads for adding addresses at some later time, or adopting libadns or similar resolver library
there are two immediate workarounds:
- store addresses <addr></addr> with HITs in known_host_identities.xml if they are known
- use the option <disable_dns_lookups>yes</disable_dns_lookups> in hip.conf
