?
Solved

Why is ftp login so slow?

Posted on 2009-02-13
21
Medium Priority
?
244 Views
Last Modified: 2013-11-29
Hi Everyone,
We have a Windows 2003 R2 SP2 box running ftp. When people try to connect to it the message they receive is Connected to xdomain.com However it takes about 30 -45 seconds for the login to come up. Why would this be taking so long?

Thanks for your help
0
Comment
Question by:cireduran
  • 9
  • 9
  • 3
21 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 23638770
Are you using IIS's FTP server or some other ftp server?

Are the users on the same LAN, is this over the Internet, or a private WAN link?
0
 

Author Comment

by:cireduran
ID: 23638851
Hi Thanks responding. It is IPswitch ftp server and it is mostly over the wan.I can connect to the wan internally easy but outside seems to take some time to get the login prompt.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23638869
O.K.  IIRC that ftp server has an option to do reverse look-ups, that is take the IP address and try and find out what host name is associated with it.  Since the majority of IP addresses do NOT have PRT records defined, the ftp server is most likely timing out trying waiting for a response.

I don't know where or how to disable this, but I would look for things like IP address identifying or look up.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 

Author Comment

by:cireduran
ID: 23642149
Hi giltjr,

I think this is a dns issue. I keep getting the following in my dns event log.
Event Type:      Warning
Event Source:      DNS
Event Category:      None
Event ID:      409
Date:            2/14/2009
Time:            2:32:00 PM
User:            N/A
Computer:      dc1
Description:
The DNS server list of restricted interfaces contains IP addresses that are not configured for use at the server computer.
 
Use the DNS manager server properties, interfaces dialog, to verify and reset the IP addresses the DNS server should listen on.  For more information, see "To restrict a DNS server to listen only on selected addresses" in the online Help.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23643396
Is the DNS server running on the same server as the ftp server is?

What this sounds like is that the server DNS is running on has multiple IP addresses and the DNS server is configured so that it does NOT listen on all of them.  Further more the FTP server may be sending resolution requests to one of the IP addresses that the DNS server is configured NOT to listen on.

Does the DNS server have multiple IP addresses?
Is the DNS server configured to only listen on specific ones?
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 23644454
I think your last analysis is accurate giltjr. Mind if I stick around to see how things go?
0
 

Author Comment

by:cireduran
ID: 23647196
Hi giltjr,
The ftp server did have dns server running on it before but i didn't have any problems before this. The only thing I changed last week was moved the dhcp server to a different server. Should the dns server take requests from the ftp server?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23649076
It should.  What IP address do you have configured on the ftp server  to use as its DNS server?

Can you verify that the DNS server is setup to listen on that IP address?

ChiefIT, stick around as long as you want.  It's always nice to have a second set of eyes looking at the problem.
0
 

Author Comment

by:cireduran
ID: 23650583
Hi giltjr,
So I noticed that on the secondary DNS server if i click on all ip addresses there is an address that should not be there but the button to remove is grayed out unless I check the radio button for specific ip address. Any ideas?
thanks for your help
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23651224
On the ftp server does it have that IP address listed in the DNS server box?
0
 

Author Comment

by:cireduran
ID: 23651267
no it does not.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 1000 total points
ID: 23651430
O.K. going back and re-reading, I think the ftp slow login and the alerts on the dns server may be two separate issues.

The dns alerts are because you have the one invalid IP address in the list.  I would suggest that you get the invalid IP address out.

Then what you may want to do is install a packet capture product on the ftp server and capture packets to see what it is doing.

I still think that you may have an option enabled to do reverse look-up and that the ftp server is waiting for a response for the reverse look-up.  This can easily be confirmed by a packet trace.

I recommend using Wireshark (http://www.wireshark.org), but if you have MS netmon utility installed that will work also.
0
 

Author Comment

by:cireduran
ID: 23651459
Hi giltjr,
where would i find the reverse lookup option though?
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 23652898
I was thinking something a little different and hope you don't mind a little side track:

You probably have multiple IPs on the same NIC card. Sometimes people set these up for multiple web sites on one server:

example:
the main domain is on xxx.xxx.xxx.xxx
Web page 1 has the IP of xxx.xxx.xxx.xxy
Web page 2 has the IP of xxx.xxx.xxx.xxz

To direct traffic to these sites directly instead of confusing the server, you should add what is called a conical name entry in DNS (Also known as a CNAME entry). This points your remote clients and server right to the correct IP for the site. So, let's say your FTP site has an IP of xxx.xxx.xxx.xxb, you could create a FTP CNAME entry in DNS that points directly to your FTP site so, it isn't delayed in finding the site and you probably will not get the 409 error that is basically telling you, "I am confused as to what IP I need to go to for FTP business"
0
 

Author Comment

by:cireduran
ID: 23652976
Hi ChieftIT,
There is already an A record for this site should that matter?
Thanks!
0
 

Author Comment

by:cireduran
ID: 23653479
Is there any chance that wins could affect this? Let me back track for a second. The ftp server was the small business server which we then transitioned into a windows standard 2003 server. We then started moving things off of it. ie. first the domain controller, then the exchange server, then I added a secondary domain controller. and then the last thing that I have moved was the dhcp database. wins is still running on this box however but I don't see any particular settings that may affect anything. Over the course of one week is when this all started happening. I created a CNAME under the www.domain.com zone in dns but this hasn't done anything yet.
Thanks for all your help,
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23653558
I don't have access to IP Switch's FTP server software.  I would assume that this option would exist someplace under logging options.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23653592
Is the ftp server running under SBS or Windows 2003 standard?

I would still say that a packet trace would show if reverse look-up is being used.  If that is being used, then that could be the issue.  In fact if WINS or any other network based problem is the issue a packet trace would show.

I can't think of how WINS would come into play.  The FTP server should only be using real DNS, not WINS.
0
 
LVL 39

Assisted Solution

by:ChiefIT
ChiefIT earned 1000 total points
ID: 23665713
"I created a CNAME under the www.domain.com zone in dns but this hasn't done anything yet."

the www is a qualifier telling your query that you are using the world wide web. I wonder if this is trying to go to port 80 for an FTP connection.

Check out the CNAME example on wiki to see if we can get this CNAME record in DNS to work.  

http://en.wikipedia.org/wiki/List_of_DNS_record_types
0
 

Author Closing Comment

by:cireduran
ID: 31546670
Well I wanted to thank you guys for all the help. It definitely helped in narrowing down the issue. The actual problem was that we have a linux box that was sending requests to that ftp every few seconds. Solution was to turn off the box and send it back to the vendor who manages it. Thanks again.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 23672050
An ftp request ever few seconds was slowing it down?  I guess that is why I still like IBM Mainframes.  We can get 100 ftp requests in a single second (which we do quite often) and not notice and we are only running a 5 way that is two generations old.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSL is a very common protocol used these days when browsing the web.  The purpose is to provide security to communication, but how does it do it?  There are several pieces at work that have to be setup before SSL will even work and it requires both …
Resolve DNS query failed errors for Exchange
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month12 days, 17 hours left to enroll

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question