HangTenDesign
asked on
Opening FTP Connection takes 1 minute or longer
Can anyone help me figure out why opening a Tiger Server ftp connection is taking up to a minute? Once connected, uploads and downloads are fine. My setup on the Jaguar retail version opens connections in a split second. What gives???
PS. I know you may think I should be in the MAC section but I've had great success debugging my issues here with the very smart folks with FreeBSD. ;-)
PS. I know you may think I should be in the MAC section but I've had great success debugging my issues here with the very smart folks with FreeBSD. ;-)
As gheist indicates, this is very likely to be a host name lookup problem and not an issue with the ftp server directly. In addition to gheist's suggestions, I'd test the speed of connecting to the FTP server against the IP address directly instead of through the hostname.
If the hostname doesn't turn up to be the problem, then I would expect a problem at the ftp server end - but as the speed is good once connected, it doesn't look like it. :)
If the hostname doesn't turn up to be the problem, then I would expect a problem at the ftp server end - but as the speed is good once connected, it doesn't look like it. :)
ASKER
gheist,
I will do as you suggest this evening when I return home. Please correct me if I am wrong:
First I am going to my Shell and I am going to type in...
>time host `hostname`
...where `hostname` is the domain name of my ftp server.
The result must be below one second.
I will do the same as the above for the client machine name and the client IP address. These also must be below one second.
-----------------
Just wanted to let you know that I am also running Web, Mail, database etc with DNS configuration and everything is resolving appropriately and fast.
-----------------
I will do as you suggest this evening when I return home. Please correct me if I am wrong:
First I am going to my Shell and I am going to type in...
>time host `hostname`
...where `hostname` is the domain name of my ftp server.
The result must be below one second.
I will do the same as the above for the client machine name and the client IP address. These also must be below one second.
-----------------
Just wanted to let you know that I am also running Web, Mail, database etc with DNS configuration and everything is resolving appropriately and fast.
-----------------
ASKER
I will answer this question as well...
"is this builtin in.ftpd (like one on FreeBSD ???)"
"is this builtin in.ftpd (like one on FreeBSD ???)"
from man dtpd on FtrrBSD 5.3
-W Do not log FTP sessions to /var/log/wtmp
logging to wtmp induces gethostbyaddr() call to get name for user address and minute seems to be its timeout ....
-W Do not log FTP sessions to /var/log/wtmp
logging to wtmp induces gethostbyaddr() call to get name for user address and minute seems to be its timeout ....
my fingers again ....
man ftpd, from FreeBSD
man ftpd, from FreeBSD
ASKER
gheist,
I saw that man page -W switch but not quite sure how to use it.
When I was at work today, I WSFTPd to my server and watched it pass the commands. It was hanging for the minute on the password authentication. The I went in with bash Terminal and again, saw that it connects immediately to the host but hangs after I enter the password. Aside from authentication being way to long, all other aspects are fine. But I want to offer FTP to my clients and this is unacceptable. I wonder what would cause authentication to take so long??? Believe me, I have scoured the Internet before posting here and couldn't find anything. It's crazy.
I saw that man page -W switch but not quite sure how to use it.
When I was at work today, I WSFTPd to my server and watched it pass the commands. It was hanging for the minute on the password authentication. The I went in with bash Terminal and again, saw that it connects immediately to the host but hangs after I enter the password. Aside from authentication being way to long, all other aspects are fine. But I want to offer FTP to my clients and this is unacceptable. I wonder what would cause authentication to take so long??? Believe me, I have scoured the Internet before posting here and couldn't find anything. It's crazy.
ASKER
So listen to this....I installed the Tiger Server OS on my G4 tower and the FTP is working fast and without any noticeable problems. It had been running on a G3 IMac temporarily until I got the tower set up. Why would it make a difference what Hardware it is running on? Everything else worked normally.
Very strange.
Very strange.
The suspicious thing is DNS - is a dns setup ( ? in /etc/resolv.conf and /etc/nsswitch.conf) any different ???
Is client that connects the same or different ???
Is client that connects the same or different ???
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
gheist,
Ok, I have done all you have instructed. I was able to open up the file in ethereal but not sure how to translate this data to solve my problem. I have #, Time, Source (MAC), Destination (MAC), Source (IP), Destination (IP), Protocol, and Size.
BTW, thank you again for this wisdom!
htd
Ok, I have done all you have instructed. I was able to open up the file in ethereal but not sure how to translate this data to solve my problem. I have #, Time, Source (MAC), Destination (MAC), Source (IP), Destination (IP), Protocol, and Size.
BTW, thank you again for this wisdom!
htd
use "track TCP stream" or smth like that for port 21 connection
fear not this program
fear not this program
Ethereal is a superb program. As you have a very recent version of it you should be able to put the acronym ftp into the filter & Ethereal will filter out everything else. :)
I guess asker is stuck with somewhat older MAC version for now.
The main thing I wanted to show is DNS request without reply following tcp connection.... which makes things slow as hell.
The main thing I wanted to show is DNS request without reply following tcp connection.... which makes things slow as hell.
ASKER
Actually, I have the latest and greatest. Just need to know what to look for and how to translate it.
Let me study it to see if there is a "DNS request without reply following tcp connection." I will report back with more info soon.
Asker
Let me study it to see if there is a "DNS request without reply following tcp connection." I will report back with more info soon.
Asker
usually it is PTR request to DNS server with in-addr.arpa domain
and ethereal finds no response when you follow that stream.
and ethereal finds no response when you follow that stream.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
jrssystemsnet,
I am going away for the weekend but I will do this Sunday night when I return. I am very excited about this and PRAY that it works. I've been researching and trying different things for a couple weeks now. My DNS has been validated as good set up. So.........
HTD
I am going away for the weekend but I will do this Sunday night when I return. I am very excited about this and PRAY that it works. I've been researching and trying different things for a couple weeks now. My DNS has been validated as good set up. So.........
HTD
Yet another to try, especially if you use GER or IPSEC between you and client or nameserver
sysctl -w net.inet.tcp.path_mtu_disc overy=0
sysctl -w net.inet.tcp.path_mtu_disc
ASKER
jrssystemsnet,
I most certainly was having an issue with ftpd or in my case xftpd. I added a line to the ftpaccess file to not look up client username.
do_rfc931 no
When specified, the xftpd(8) server will suppress the use of
RFC931 (AUTH/ident) to attempt to determine the username on the
client. This behavior may also be suppressed by providing the
command line argument '-I' to xftpd(8).
Thanks again for a great suggestion leading to my solution. And thank you gheist for helping dig further and finding more ways to troubleshoot.
Until next time...
HTD
I most certainly was having an issue with ftpd or in my case xftpd. I added a line to the ftpaccess file to not look up client username.
do_rfc931 no
When specified, the xftpd(8) server will suppress the use of
RFC931 (AUTH/ident) to attempt to determine the username on the
client. This behavior may also be suppressed by providing the
command line argument '-I' to xftpd(8).
Thanks again for a great suggestion leading to my solution. And thank you gheist for helping dig further and finding more ways to troubleshoot.
Until next time...
HTD
That slows sendmail mailer too btw
http://en.wikipedia.org/wiki/Jaguar
????
Diagnose dns lookups
time host `hostname`
most be below second
time host client-name
time host client-ip
must be below second on second attempt.
is this builtin in.ftpd (like one on FreeBSD ???)