| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | rammohan ganapavarapu <rammohanganap(at)gmail(dot)com> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: FQDN for replication connection in pg_hba.conf |
| Date: | 2017-10-10 22:17:15 |
| Message-ID: | 32197.1507673835@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
rammohan ganapavarapu <rammohanganap(at)gmail(dot)com> writes:
> Can we use fqdn in pg_hba.conf for replication connections?
Yes, if you're using 9.3 or newer, but note what the manual says:
If a host name is specified (anything that is not an IP address range
or a special key word is treated as a host name), that name is
compared with the result of a reverse name resolution of the client's
IP address (e.g., reverse DNS lookup, if DNS is used). Host name
comparisons are case insensitive. If there is a match, then a forward
name resolution (e.g., forward DNS lookup) is performed on the host
name to check whether any of the addresses it resolves to are equal to
the client's IP address. If both directions match, then the entry is
considered to match. (The host name that is used in pg_hba.conf should
be the one that address-to-name resolution of the client's IP address
returns, otherwise the line won't be matched. Some host name databases
allow associating an IP address with multiple host names, but the
operating system will only return one host name when asked to resolve
an IP address.)
My bet is you don't have reverse DNS set up correctly for that address.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2017-10-10 22:18:42 | Re: FQDN for replication connection in pg_hba.conf |
| Previous Message | rammohan ganapavarapu | 2017-10-10 22:08:00 | FQDN for replication connection in pg_hba.conf |