From owner-freebsd-hackers@FreeBSD.ORG Thu Feb 14 11:29:41 2013 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 2325F27D for ; Thu, 14 Feb 2013 11:29:41 +0000 (UTC) (envelope-from wojtek@wojtek.tensor.gdynia.pl) Received: from wojtek.tensor.gdynia.pl (wojtek.tensor.gdynia.pl [188.252.31.196]) by mx1.freebsd.org (Postfix) with ESMTP id 8F6ACA58 for ; Thu, 14 Feb 2013 11:29:40 +0000 (UTC) Received: from wojtek.tensor.gdynia.pl (localhost [127.0.0.1]) by wojtek.tensor.gdynia.pl (8.14.6/8.14.5) with ESMTP id r1EBTTPi002240; Thu, 14 Feb 2013 12:29:29 +0100 (CET) (envelope-from wojtek@wojtek.tensor.gdynia.pl) Received: from localhost (wojtek@localhost) by wojtek.tensor.gdynia.pl (8.14.6/8.14.5/Submit) with ESMTP id r1EBTTet002237; Thu, 14 Feb 2013 12:29:29 +0100 (CET) (envelope-from wojtek@wojtek.tensor.gdynia.pl) Date: Thu, 14 Feb 2013 12:29:29 +0100 (CET) From: Wojciech Puchar To: "Teske, Devin" Subject: RE: rsh/rlogin strange behavior In-Reply-To: <13CA24D6AB415D428143D44749F57D7201EA93B6@ltcfiswmsgmb21> Message-ID: References: , <13CA24D6AB415D428143D44749F57D7201EA93B6@ltcfiswmsgmb21> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.7 (wojtek.tensor.gdynia.pl [127.0.0.1]); Thu, 14 Feb 2013 12:29:30 +0100 (CET) Cc: "freebsd-hackers@freebsd.org" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Feb 2013 11:29:41 -0000 > > repeat 100 rsh date > > HINT: Set yourself up in /etc/hosts.equiv on for password-less entry > > Repeat about 5 or 6 times and then eventually the connection will hang and you won't be able to make more connections for some time. > > Next step? Execute "netstat -an | less" and look for oddities (like a mass pile of FIN_WAIT_2 connections). > > In our case (ymmv) the final ACK was not being sent leaving the client side stacking up a bunch of connections that take msl.timeout time to expire (iirc). If I do remember correctly the problem happened when the server was using an em(4) driver. > > Our ultimate solution was to either switch critical servers to fxp(4) based hardware or roll entire sites over to using key-based SSH (which may work for you -- have you thought about giving ssh-keygen a try? that is, if you're using rsh for the convenience of password-less entry via hosts.equiv for example). > -- it is FreeBSD 9, em or re or bge hardware but rlogin goes over tun(4) interface. in the same time rcp works fine even for gigabyte file. any more ideas?