Solved

Slow connections

Posted on 2002-07-22
1
281 Views
Last Modified: 2010-04-21
Hello!

I have FreeBSD 4.5 box with mail service (sendmail) and shell just for me (ssh). System performance: ~90% idle.

There are two subnets - in first one I have may workstation, but in second one lies this FBSD box. There are quiet good connections between those two subnets (two routers between). Ping statistic:
round-trip min/avg/max = 1.903/2.261/2.732 ms

When I making connections from same subnet where FBSD lives - everythig works well - fast connections and fast work. But when I making connection from other subnet - where are my workstation - process of connection takes too long (whatever - mail or ssh aprox. 30sec - 60sec to connect). But when connection finisshed (connected) everything works fast.

Although, I make connection with ssh verbosely - there is output:
SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090600f).
debug: Reading configuration data /path/to/ssh_config
debug: Seeding random number generator
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to host.net.net [xxx.xxx.xxx.xxx] port 22.
debug: Allocated local port 1022.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_2.9 FreeBSD localisations 20011202
debug: no match: OpenSSH_2.9 FreeBSD localisations 20011202
debug: Local version string SSH-1.5-OpenSSH_2.3.0p1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'host.net.net' is known and matches the RSA host key.
Warning: the RSA host key for 'host.net.net' differs from the key for the IP address 'xxx.xxx.xxx.xxx'
debug: Seeding random number generator
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Doing password authentication.
user@host.net.net's password:
debug: Requesting pty.
debug: Requesting shell.
debug: Entering interactive session.

The points after which it stops for a long time is: "debug: Entering interactive session", "Connection established" and "Received encrypted confirmation"

In the same time, connection to host in the same subnet with FBSD from my WS works fine. Thats mean, that problem is in thisFBSD box. But what is this problem?

0
Comment
Question by:shifted
1 Comment
 
LVL 3

Accepted Solution

by:
pjb1008 earned 400 total points
ID: 7249246
The server is doing DNS lookups to translate the IP address of the client to a name. Check that (a) the server's DNS configuration is correct, and (b) the name server for the appropriate in-addr.arpa records is responding.

Since you get delayed multiple times, I'm guessing that (b) is the problem - bind8 doesn't cache the fact that a name server is not currently reachable.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question