From which host are names resolved for SSH tunnels?

1

If I am on hostA and connect to hostB with SSH, simultaneously creating a tunnel with the -L and/or -R options, and I specify the tunnel destination symbolically as hostC, who resolves the name to an IP address, hostA or hostB? Does it make a difference whether it is a local tunnel (-L) or remote tunnel (-R)?

This would matter if hostA and hostB have different views of hostC's address.

That is, if I do this:

hostA$ dig hostC A +short
192.168.1.3
hostA$ ssh -L 1111:hostC:2222 -R 3333:hostC:4444 hostB
hostB$ dig hostC A +short
10.0.0.3

What address does hostA use for packets presented to hostB:3333? What address does hostB use for packets presented to hostA:1111?

neirbowj

Posted 2013-10-15T17:48:11.373

Reputation: 394

Answers

0

After a little tcpdump'ing I figured out that in both cases hostB resolves the IP address to the hostname.

I just started tcpdump port 53 on hostA and hostB and tested the commands you provided.

For the second part of your question I can't provide an answer because the systems I used to reproduce what you provided in your question are hardly configured with IP addresses, so I can't see any hostname lookup (just a few reverse lookups, but I didn't mention to analyse them as they weren't part of your question).

noggerl

Posted 2013-10-15T17:48:11.373

Reputation: 1 229

I don't understand your statement about "the second part of [my] question." In the example, I give the IP address of hostC from the perspective of hostA and of hostB. The addresses of hostA and hostB are not significant. – neirbowj – 2013-10-19T16:51:57.140

Now I get what you meant, also didn't see the different hostnames in the prompt. I have to rethink this a bit. – noggerl – 2013-10-19T16:58:34.623

-1

The resolver is driven by /etc/resolv.conf and other configuration files on the host where the requesting process is running.

Pavel Šimerda

Posted 2013-10-15T17:48:11.373

Reputation: 712

Your statement is correct, but does not help to answer the question. – neirbowj – 2013-10-17T21:08:31.937

Flagged the comment as non-constructive as it doesn't indicate why. – Pavel Šimerda – 2013-10-18T07:08:50.637

My question is about the behavior of the SSH process---does it do a lookup locally and give an IP address to its peer, or does it send the hostname to the peer who then performs the lookup---but your answer describes how to configure a host to perform lookups for any process that tries to do a lookup. – neirbowj – 2013-10-19T16:47:53.713

Understood now. But that's easily testable and doesn't need a question on Stack Overflow. – Pavel Šimerda – 2013-10-19T20:48:14.897
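Added example, not part of any post above: the question of whether SSH sends a name or an address to its peer can be read off the channel-open messages in RFC 4254, section 7.2, which this Python sketch encodes and decodes. For -L the client sends the destination string as typed ("hostC") in a direct-tcpip message, so the server side looks it up; for -R the server's forwarded-tcpip message names only the listener that was hit, and the client maps that back to hostC:4444 from its own forwarding table and resolves the name itself. The channel number, window sizes, originator values and the "localhost" bound address are constructed sample values.

```python
import struct

SSH_MSG_CHANNEL_OPEN = 90  # RFC 4254, section 5.1

def ssh_string(data: bytes) -> bytes:
    """SSH 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def build_channel_open(chan_type: str, addr: str, port: int,
                       orig_ip: str = "127.0.0.1", orig_port: int = 50000) -> bytes:
    """direct-tcpip and forwarded-tcpip share one layout (RFC 4254, 7.2).

    direct-tcpip    (-L, client -> server): addr/port = host and port to connect to
    forwarded-tcpip (-R, server -> client): addr/port = listener that was connected
    Channel number, window and packet sizes and originator values are constructed.
    """
    return (bytes([SSH_MSG_CHANNEL_OPEN]) + ssh_string(chan_type.encode())
            + struct.pack(">III", 0, 2097152, 32768)
            + ssh_string(addr.encode()) + struct.pack(">I", port)
            + ssh_string(orig_ip.encode()) + struct.pack(">I", orig_port))

def parse_channel_open(msg: bytes) -> dict:
    """Decode the fields the receiving peer gets to see."""
    if not msg or msg[0] != SSH_MSG_CHANNEL_OPEN:
        raise ValueError("not SSH_MSG_CHANNEL_OPEN")
    def take_string(off):
        (n,) = struct.unpack_from(">I", msg, off)
        if off + 4 + n > len(msg):
            raise ValueError("truncated string")
        return msg[off + 4:off + 4 + n].decode(), off + 4 + n
    chan_type, off = take_string(1)
    off += 12  # skip sender channel, initial window size, maximum packet size
    addr, off = take_string(off)
    (port,) = struct.unpack_from(">I", msg, off)
    return {"type": chan_type, "addr": addr, "port": port}

# ssh -L 1111:hostC:2222 hostB -> hostA sends the unresolved name to hostB.
local_fwd = build_channel_open("direct-tcpip", "hostC", 2222)
# ssh -R 3333:hostC:4444 hostB -> hostB reports only which listener was hit;
# "localhost" as the bound address is a constructed sample value.
remote_fwd = build_channel_open("forwarded-tcpip", "localhost", 3333)

if __name__ == "__main__":
    print(parse_channel_open(local_fwd))
    print(parse_channel_open(remote_fwd))
    print("hostC on the wire for -R:", b"hostC" in remote_fwd)
```

When hostA and hostB sit in different DNS views, this is why a -L forward follows hostB's view of hostC while a -R forward follows hostA's.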