Re: Syslog query - I'm probably doing something stoopid

From: Barry Margolin (barmar@genuity.net)
Date: 05/20/02 

From: Barry Margolin <barmar@genuity.net>
Date: Mon, 20 May 2002 19:17:16 GMT

In article <Xns921465CA2CCE6nospamforme@203.50.2.86>,
Chopper <no.spam@for.me> wrote:
>Well g'day!
>
>I'm in the process of setting syslog up to remotely log to a FreeBSD
>box from 3 AIX boxes. is that a normal thing to do? Anyway, got it
>working EXCEPT the central log host (ie the FreeBSD box) lags behind. It's
>own syslog messages are fine - they are logging AS they happen - it's the
>ones from the AIX boxes. they end up HOURS behind - after only a couple of
>days.

Is reverse DNS set up properly for the AIX boxes? syslogd tries to put the
sender's hostname in the log message, so it has to perform a reverse DNS
lookup for every message it receives. If reverse DNS delegation is not
correct, it may take a while for these to time out, which will cause
syslogd to fall behind pretty quickly. 

-- 
Barry Margolin, barmar@genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.