From owner-freebsd-questions@FreeBSD.ORG Tue Dec 1 20:16:44 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF6E9106568B for ; Tue, 1 Dec 2009 20:16:44 +0000 (UTC) (envelope-from williamt@corp.sonic.net) Received: from a.mail.sonic.net (a.mail.sonic.net [64.142.16.245]) by mx1.freebsd.org (Postfix) with ESMTP id A6DD78FC15 for ; Tue, 1 Dec 2009 20:16:44 +0000 (UTC) Received: from williamt.vpn.sonic.net (williamt.vpn.sonic.net [64.142.22.94]) (authenticated bits=0) by a.mail.sonic.net (8.13.8.Beta0-Sonic/8.13.7) with ESMTP id nB1KGhtL017735 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for ; Tue, 1 Dec 2009 12:16:44 -0800 From: William Taylor Mime-Version: 1.0 (Apple Message framework v1077) Date: Tue, 1 Dec 2009 12:16:43 -0800 In-Reply-To: To: freebsd-questions@freebsd.org References: <63450BC7-7E22-4448-B030-63F34AD00749@corp.sonic.net> Message-Id: <16E3B0DF-4AD1-4CA6-BC25-124A4A82EA12@corp.sonic.net> X-Mailer: Apple Mail (2.1077) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: tcp delays in jails X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Dec 2009 20:16:44 -0000 On Dec 1, 2009, at 3:07 AM, Ivan Voras wrote: > William Taylor wrote: >> I recently started having a problem with tcp connections in one of my = jails. >> Im running 4.9-stable >=20 > I guess it will not do any good to tell you to upgrade to 8.0? :) >=20 Not at this time although I probably should eventually. I still have = a 3.5-STABLE box kicking around. I have always been a believer of if it isn't broken don't fix it. >> both sendmail and perdition experience the same problem. I even tried = stopping >> everything on the box and the problem still persists. >=20 > Just to verify - the problem is on the side of the servers (TCP = listeners)? >=20 Seems to be. I could write a small tcp server and see if I can get it = to exhibit the same behavior or not. >> Connections to other jails on different ip's on the same box are = fine. >> There seems to be about a 5 second delay. >> =46rom this snippet of a ktrace I did you can see what looks to be a = delay of about 5 seconds after the CALL kevent >=20 > I'm not sure what you are tracing but this trace looks like something = having to do with DNS. >=20 > Does DNS resolve properly on the box? Reverse DNS also? Some servers, = ssh and probably sendmail also, do a reverse DNS lookup on the = connecting client. > Just the generic ones... try seeing if DNS and reverse DNS work first. >=20 >=20 Yes DNS is resolving properly forward and reverse. I even tried changing = DNS servers.