[H-GEN] connection delays

Martin Pool mbp at samba.org
Sat May 19 04:21:10 EDT 2001 

On 19 May 2001, Paul Gearon <pag at PISoftware.com> wrote:

> I'm getting some strange delays on connections to my workstation on my
> local network.  I can connect OK, but I invariably get delays of up to a
> minute before a connection proceeds.  Once the connection is up and
> running then the responsiveness is fine.

This is very typical of a DNS problem.

> This occurs on all service protocols I'm running on my local network
> (pop3, ftp, ssh).  I've looked in the logs, and I see no errors, retries,
> or other likely culprits for the delays.  Ping times over the internal
> network are nice and fast.  Connecting to localhost from the server
> responds instantly.  There's no delay at all when I connect to the
> workstation via ssh from the net.  Also, there's no delay if I set up a
> "service" using 'nc -l -p whatever' and connect to that from inside my
> network.

It's quite likely that those services, or a tcpd wrapper around them,
is trying to do a reverse lookup of the IP address of the client
machine.  You can check this by doing

 # host 192.168.0.2       

or whatever the IP address of the client is.  There is no delay for
localhost because it can be resolved from /etc/hosts, and there is no
delay for a netcat listener because it does no reverse lookup.

You should setup a local DNS server (perhaps on the workstation) that
has forward and reverse zones for your internal IP addresses, and also
acts as a caching forwarder to your ISP.  Attached is a sample
named.conf for BIND8.

> Does anyone have any suggestions where I might find the source of these
> delays?

It can be useful to run a sniffer like iptraf, tcpdump, or ethereal.
You'll probably see a lot of DNS traffic, or if I'm wrong you might
see something else happening.

> If I were getting errors in my system logs or something then I'd
> have something tangible to follow, but instead the only thing wrong
> is that connections take forever to get through.

-- 
Martin Pool

VA Linux NAS: One third the footprint and half the cost of other NAS products
http://valinux.com/storage/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20010519/5b16ff62/attachment.sig>

More information about the General mailing list