Bug #26593 Delay opening a connection with an ip address due to dns reverse lookup
Submitted: 23 Feb 2007 13:46 Modified: 27 Feb 2007 19:59
Reporter: Christian Coish Email Updates:
Status: Duplicate Impact on me:
None 
Category:Connector / NET Severity:S3 (Non-critical)
Version:5.0.3.0 OS:Windows (Windows 2000)
Assigned to: CPU Architecture:Any
Tags: Delay, hostname, IP, reverse dns, reverse lookup

[23 Feb 2007 13:46] Christian Coish 
Description:
When opening a connection to a database using an IP address, opening a connection has a significant delay, typically about 15 seconds, if DNS is not handled to do reverse DNS.

This problem did not occur with the older 1.0.7.30072 version of the .Net Connector.  It appears just to be a problem with the 5.x series.

This is likely considered a security measure.  I've seen the same issue with the MySQL Connector/J, though that was due to the networking code of the Java runtime itself, not MySQL.  In that case, the Java developers also considered it a security measure.  There are those who disagree with this, for example: http://homepages.tesco.net/J.deBoynePollard/FGA/dns-avoid-double-reverse.html

I do not know who is right, but I believe the ability to disable it is required.  I do not see a way in either the MySQL driver or .Net, and this behaviour differs from older versions of the driver.

How to repeat:
Assume you have a server test.delay.com with an IP address of 192.168.1.101, and accepting connections from user 'test' with no password.  If you have DNS setup, but not able to handle reverse lookups, the following connection has a delay greater than 10 seconds:

<code>
string connString = "SERVER=192.168.1.101;" +
                "DATABASE=test;" +
                "UID=test;" +
                "PASSWORD=;";
MySqlConnection connection = new MySqlConnection();

// Delay occurs on open.
connection.Open();
</code>

Whereas this connection specifying the hostname would have no delay:

<code>
string connString = "SERVER=test.delay.com;" +
                "DATABASE=test;" +
                "UID=test;" +
                "PASSWORD=;";
MySqlConnection connection = new MySqlConnection();

// No delay occurs on open.
connection.Open();
</code>

Suggested fix:
I would suggest turning off the need for this reverse lookup, or at least providing an option to turn it off for the driver.  You can turn it off on the server using --skip-name-resolve, but that doesn't help for this case because it appears to be doing the reverse lookup on the driver side.

Workarounds:
- Enable DNS reverse-lookup on all affected boxes.
- If you have forward-only DNS enabled, only use host names, not IP addresses.
- For testing purposes, you can just put the hostname and IP address in your hosts file (e.g. C:\Winnt\system32\driver\etc\hosts in Windows 2000).
[23 Feb 2007 16:27] Christian Coish 
It looks like it's just a problem with using Dns.GetHostEntry on line 73 of StreamCreator.cs.  Previously, the deprecated Dns.GetHostByName was used, which did not do a reverse lookup.

I'm assuming the reverse lookup was an unintended consequence of moving away from this deprecated function.  If so, The simple solution would just be to use:

IPAddress[] addressList = Dns.GetHostAddresses(dnsHosts[index]);

And then do a:
foreach (IPAddress address in addressList)

instead of:
foreach (IPAddress address in ipHE.AddressList)

The proxy at my work won't let me pull down the subversion repository, so I can't just make a patch myself.
[27 Feb 2007 19:59] Reggie Burnett 
This is a duplicate of bug # 26152 which has been fixed in 5.0.4