Solved

Login is very slow - possible auditing problem?

Posted on 2008-06-19
9
922 Views
Last Modified: 2013-12-06
Logging into our AIX systems is sporadically very slow (ie - minute(s) instead of 2 seconds.  After debugging our login scripts, I've come to think that this is a network issue or related to auditing in some way.  I found this on IBMs site:
    IZ22120: POOR NFS COPY PERFORMANCE ON 6.1 WITH AUDITING ENABLED
but we're also seeing this on our AIX 5.3 systems, as well as our 6.1 systems.  
I'm looking for ideas on how to debug this issue.  Note that I am not a sys admin and therefore don't have access to root.  Sys admins are available but not dedicated to solving this problem.
0
Comment
Question by:sjpetrov
9 Comments
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 21821987
Hi,

Possibly you can start Wireshark and run it before logging. This will give you traces of any possible network errors.

www.wireshark.org

If you are new to WireShark:

wiki.wireshark.org
0
 
LVL 4

Accepted Solution

by:
robertfwoods earned 150 total points
ID: 21822051
It is very important that your network DNS is functioning properly.
The AIX machines must be configured properly to "know who they are".
At login time the process checks the host name against the DNS structure.
The timeout period you are seeing may be the DNS timeout.

Troubleshoot using
nslookup - -
Then enter the hostname of the server
Also enter the hostname.domainname.com
Time the return.

This structure is controlled by three files
/etc/hosts
/etc/resolv.conf
/etc/netsvc.conf

Read about them at:
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/index.jsp 
In the Left panel, navigate to:

AIX documentation>Files reference>System Files>netsvc.conf
AIX documentation>Files reference>File Formats>hosts File...
AIX documentation>Files reference>File Formats>resolv.conf

0
 

Author Comment

by:sjpetrov
ID: 21822058
Unfortunately, it's on a classified network and analyzers such as this are forbidden.  Great idea, though.
0
 
LVL 16

Expert Comment

by:Hanno Schröder
ID: 21825197
In most of these cases the host has problems resolving it's own name when
you log in.
Try resolving with
  telnet hostname
with hostname being the host's own name.

If this does take long (sometimes!), try adding the "official" host name (either
the short name ot the FQDN (hostname including full domain) into /etc/hosts
and try again.

If this solves your problem, you might haev a problem with name resolution.
Depending on your entry for "hosts = " in /etc/netsvc.conf you will have to
check
  a) DNS
      # nslookup hostname
  b) NIS (aka YP)
      # ypmatch hostname hosts
      or
      #ypcat hosts | grep hostname


0
Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

 
LVL 61

Assisted Solution

by:gheist
gheist earned 100 total points
ID: 21842586
Most likely it is DNS problem - your host has no reverse PTR record.

on aix system do host (your_ip)

it waits same...
0
 
LVL 1

Expert Comment

by:duraisamy
ID: 21844265
Do u have any unwanted IP entry in /etc/resolv.conf file? If yes,  it will delay the login process.
Regarding the NFS, Incase you have any NFS volume with automatic mount, try to replace the hostname with IP address and try.
We had the same problem with login and fixed with above options.
0
 
LVL 16

Expert Comment

by:Hanno Schröder
ID: 21844774
we all will have to wait until the asker comes back after checking his DNS setup ...
0
 

Author Comment

by:sjpetrov
ID: 21845043
My Sys Admin has fixed the problem but isn't being forthcoming with what he did, though I know the reverse DNS was fixed, at a minimum.  Thanks for all of the great ideas!
0
 

Author Closing Comment

by:sjpetrov
ID: 31468744
Only problem was on my end, getting and giving info to my sys admin.  
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now