Hi, my name is Ben and I'm the co-founder and CTO of Mobile Commons in New York City. By default, the MySQL grants table can authenticate users based on IP address or hostname. When a client connects from a particular host, MySQL does a reverse DNS lookup and compares the hostname and IP address.
This is normally pretty fast and makes setting up your grants table easier: you can allow anyone within your domain to connect, for example. And it adds a layer of abstraction between your database and app servers.
However for most applications out there, allowing a single host or few hosts to connect is all you really need. If that’s the case, why add the extra layer of complexity doing DNS lookups? More importantly, if you have a DNS problem on your local LAN (service down, stale cache, etc), it could bring down your entire application because no one can connect to the database.
It’s very easy to turn off reverse DNS. First setup your mysql.user grant table to allow connections from IP addresses and remove the host names. Then edit your my.conf file and add the line
skip-name-resolve
This solution won’t scale to 100s or 1,000s of servers because it becomes to annoying to manage all the IP addresses, but for small clusters, say, 10 servers or so, this adds just a tiny bit of robustness to your infrastructure at no extra cost.
See the MySQL reference manual for more details.
