Robomongo: SSH Tunnel connection fails with DNS
The tunnel itself is fine through another server, however, when trying to connect to the database using a custom domain name with a custom DNS server, it fails.
Changing the address to its internal IP allows a successful connection. Other systems are successfully connecting using the domain name.
The SSH tunnel has the custom DNS server, and can successfully look up the domain.
confuser
All 7 comments
@confuser If you are using an SSH tunnel to forward local ports to a remote host, the database connection string from Robomongo's point of view will be the local hostname and port (eg localhost:27017). If you want to use the domain name of the remote host it will also have to resolve from the local machine (for example, you could add an entry in /etc/hosts).
Robomongo (or other apps) will not try to resolve names on the other end of the tunnel; the whole point of the tunnel is to securely connect two endpoints that otherwise do not have direct access. If your custom DNS resolves from a normal command line without extra configuration, the same DNS should work from Robomongo.
If the problem is something else, can you provide more details on your set up?
Thanks!
stennie
on 15 Nov 2014
Other apps such as WinSCP handles this scenario just fine. The host is set to a custom domain, and the tunnel is set to the domain which major DNS servers can lookup.
Running the ssh tunnel command via the command line works fine too.
RoboMongo is the only app I currently use with tunnel capabilities that does not perform the DNS look-up of the host, on the tunnel'd host.
confuser
on 15 Nov 2014
@confuser How does WinSCP add the DNS to the host environment? Are you using a proxy setup in addition to (or instead of) a tunnel? Robomongo isn't doing anything special with name resolution.
It looks like WinSCP can add name resolution when using a proxy (http://winscp.net/eng/docs/ui_login_proxy#dns) but I don't see any options for doing this as part of ssh tunnelling: http://winscp.net/eng/docs/tunneling. Can you include some more details on the connection set up so we could try to reproduce this?
In the non-Windows world an ssh tunnel does not imply any changes to DNS.
stennie
on 15 Nov 2014
ssh -L 27018:custom-domain.lan:27017 [email protected]
No special configs, no proxies either.
confuser
on 15 Nov 2014
@confuser Thanks for the usage example. I would expect that to work, as long as the endpoint of the tunnel (real-domain.com) can resolve the custom-domain.lan address. I'll try setting up a repro with WinSCP and have a peek at what the code is doing.
stennie
on 17 Nov 2014
@confuser In the latest 0.9.0 RC8 release we reworked ssh tunnel from scratch. It now works much faster, supports DNS and has some security improvements. You can read more in the following blog post
Let us know if it worked for you, if there are any issues -- please create a new ticket.
anorsich
on 19 Apr 2016
Amazing, thanks @anorsich!
confuser
on 19 Apr 2016
Related issues
imkratos
·
4Comments
kphamilton
·
3Comments
enBonnet
·
4Comments
matgenois
·
4Comments
itoonx
·
4Comments
Most helpful comment
Amazing, thanks @anorsich!