
Java Security


How to suppress reverse DNS lookup?

843811 Jun 8 2006 — edited Jan 13 2009
When a client SSLSocket connects to the server, then after the SYN, SYN/ACK, ACK handshake the next thing you see on the wire is an attempt to resolve the domain name of the server (as detailed in several previous threads).

The servers I'm wanting to talk to don't have DNS names, and don't have NetBIOS names and don't have hosts file entries, and I connect to them by specifying the IP address. So what we see is first a failed attempt to do a DNS lookup, then a failed repeated attempt to do a NetBIOS name lookup, during which time some higher level application protocol times out the connection attempt.

All previous threads I can find on this subject end up with resolutions such as "make sure the server's name can be looked up by DNS" or "put the server's name and address in the hosts file", neither of which solution is useful to me.

So my question is: How do I stop Java doing these name lookups?

(As an additional question, just out of idle curiosity: what's it doing the name lookup for anyway?? It can't be to verify that the server name embedded in the certificate is the same as the domain name found by the name lookup for at least two reasons:

(a) it's doing the name lookup long before it's managed to acquire a certificate from the server

(b) if I arrange (via the hosts file) that the looked up name is not the same as the domain name in the server certificate then the connection succeeds anyway.)
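A commonly used workaround for the behaviour described in the post above, added here as an example that is not part of the original thread: hand the factory an `InetAddress` that already carries a host string, so a later `getHostName()` call has nothing to resolve. It assumes the lookup is triggered by `getHostName()` on an address created without a name; the class and method names are hypothetical and only IPv4 literals are handled.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class NoReverseLookup {

    // Parse a dotted-quad IPv4 literal by hand so no resolver is ever consulted.
    static byte[] parseIpv4(String literal) {
        String[] parts = literal.split("\\.", -1);
        if (parts.length != 4) {
            throw new IllegalArgumentException("not an IPv4 literal: " + literal);
        }
        byte[] raw = new byte[4];
        for (int i = 0; i < 4; i++) {
            if (!parts[i].matches("\\d{1,3}") || Integer.parseInt(parts[i]) > 255) {
                throw new IllegalArgumentException("bad octet in: " + literal);
            }
            raw[i] = (byte) Integer.parseInt(parts[i]);
        }
        return raw;
    }

    // getByAddress(host, addr) stores the host string as given and checks no
    // name service, so getHostName() returns the literal without a lookup.
    static InetAddress pinned(String ipLiteral) throws UnknownHostException {
        return InetAddress.getByAddress(ipLiteral, parseIpv4(ipLiteral));
    }

    // Connect and handshake using the pre-named address (assumed workaround).
    static SSLSocket connect(String ipLiteral, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(pinned(ipLiteral), port);
        socket.startHandshake();
        return socket;
    }

    public static void main(String[] args) throws Exception {
        // 192.0.2.10 is a constructed sample address from the TEST-NET-1 range.
        System.out.println(pinned("192.0.2.10").getHostName());
        if (args.length == 2) { // optional: <ip> <port> of a reachable TLS server
            try (SSLSocket s = connect(args[0], Integer.parseInt(args[1]))) {
                System.out.println(s.getSession().getProtocol());
            }
        }
    }
}
```

A plain `SSLSocket` performs no endpoint identification unless one is configured, so with address-only servers the certificate check rests entirely on the trust manager; restricting the trust store to the expected server certificates keeps that check meaningful.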
Post Details
Locked on Feb 10 2009
Added on Jun 8 2006
10 comments
7,522 views