SSH to cluster management with Domain credentials fails due to DNS timed out error
Applies to
- ONTAP 9
- Domain Tunnel
Issue
- A domain tunnel has been configured for cluster authentication via a domain-joined data SVM
- When attempting an SSH session to the cluster management interface using trusted domain user, the credentials are prompted but not accepted
- After inputting valid credentials, the connection fails with error "Remote side unexpectedly close network connection"
- DNS is configured with 2 DNS server(timeout = 2 seconds and maximum attempts = 2).
- The following errors are logged in logs
- EMS:
Wed Apr 13 07:18:13 +0000 [Node-01: secd: secd.dns.server.timed.out:error]: DNS server 10.20.x.x did not respond to vserver = svm1 within timeout interval.
Wed Apr 13 07:18:24 +0000 [Node-01: sshd: sshd.loginGraceTime.expired:error]: Timeout before password authentication for remote host 10.200.x.x.
2. SECD:
Wed Apr 13 07:18:13 +00:00 [kern_secd:info:63428] | [002.009.863] ERR : NSLIBC: __res_nsend(), ../../../../../lib/libc/resolv/res_send.c:804, Vsid = 3 Timed out while connecting to DNS server:10.20.x.x via Source Address x.x.x.x. Error: Operation timed out