Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Login is very slow - possible auditing problem?

Posted on 2008-06-19
9
Medium Priority
?
930 Views
Last Modified: 2013-12-06
Logging into our AIX systems is sporadically very slow (ie - minute(s) instead of 2 seconds.  After debugging our login scripts, I've come to think that this is a network issue or related to auditing in some way.  I found this on IBMs site:
    IZ22120: POOR NFS COPY PERFORMANCE ON 6.1 WITH AUDITING ENABLED
but we're also seeing this on our AIX 5.3 systems, as well as our 6.1 systems.  
I'm looking for ideas on how to debug this issue.  Note that I am not a sys admin and therefore don't have access to root.  Sys admins are available but not dedicated to solving this problem.
0
Comment
Question by:sjpetrov
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21821987
Hi,

Possibly you can start Wireshark and run it before logging. This will give you traces of any possible network errors.

www.wireshark.org

If you are new to WireShark:

wiki.wireshark.org
0
 
LVL 4

Accepted Solution

by:
robertfwoods earned 600 total points
ID: 21822051
It is very important that your network DNS is functioning properly.
The AIX machines must be configured properly to "know who they are".
At login time the process checks the host name against the DNS structure.
The timeout period you are seeing may be the DNS timeout.

Troubleshoot using
nslookup - -
Then enter the hostname of the server
Also enter the hostname.domainname.com
Time the return.

This structure is controlled by three files
/etc/hosts
/etc/resolv.conf
/etc/netsvc.conf

Read about them at:
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp 
In the Left panel, navigate to:

AIX documentation>Files reference>System Files>netsvc.conf
AIX documentation>Files reference>File Formats>hosts File...
AIX documentation>Files reference>File Formats>resolv.conf

0
 

Author Comment

by:sjpetrov
ID: 21822058
Unfortunately, it's on a classified network and analyzers such as this are forbidden.  Great idea, though.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 16

Expert Comment

by:Hanno P.S.
ID: 21825197
In most of these cases the host has problems resolving it's own name when
you log in.
Try resolving with
  telnet hostname
with hostname being the host's own name.

If this does take long (sometimes!), try adding the "official" host name (either
the short name ot the FQDN (hostname including full domain) into /etc/hosts
and try again.

If this solves your problem, you might haev a problem with name resolution.
Depending on your entry for "hosts = " in /etc/netsvc.conf you will have to
check
  a) DNS
      # nslookup hostname
  b) NIS (aka YP)
      # ypmatch hostname hosts
      or
      #ypcat hosts | grep hostname


0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 400 total points
ID: 21842586
Most likely it is DNS problem - your host has no reverse PTR record.

on aix system do host (your_ip)

it waits same...
0
 
LVL 1

Expert Comment

by:duraisamy
ID: 21844265
Do u have any unwanted IP entry in /etc/resolv.conf file? If yes,  it will delay the login process.
Regarding the NFS, Incase you have any NFS volume with automatic mount, try to replace the hostname with IP address and try.
We had the same problem with login and fixed with above options.
0
 
LVL 16

Expert Comment

by:Hanno P.S.
ID: 21844774
we all will have to wait until the asker comes back after checking his DNS setup ...
0
 

Author Comment

by:sjpetrov
ID: 21845043
My Sys Admin has fixed the problem but isn't being forthcoming with what he did, though I know the reverse DNS was fixed, at a minimum.  Thanks for all of the great ideas!
0
 

Author Closing Comment

by:sjpetrov
ID: 31468744
Only problem was on my end, getting and giving info to my sys admin.  
0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question