From owner-freebsd-questions Thu Apr 8 7:30:51 1999 Delivered-To: freebsd-questions@freebsd.org Received: from wizeup.com (90William224.osaccess.com [209.83.165.224]) by hub.freebsd.org (Postfix) with ESMTP id D2603159F1 for ; Thu, 8 Apr 1999 07:30:46 -0700 (PDT) (envelope-from Phil.Wang@wizeup.com) Received: from wizeup.com (90William224.osaccess.com [209.83.165.224] (may be forged)) by wizeup.com (8.8.7/8.8.7) with ESMTP id KAA12536; Thu, 8 Apr 1999 10:30:39 -0400 (EDT) (envelope-from Phil.Wang@wizeup.com) Message-ID: <370CBD8D.B24D834C@wizeup.com> Date: Thu, 08 Apr 1999 10:30:37 -0400 From: Phil Wang Organization: Numina Corp X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.5-RELEASE i386) X-Accept-Language: zh, en MIME-Version: 1.0 To: Alan Weber , andyo@prime.net.ua Cc: questions@freebsd.org Subject: Re: FreeBSD server too slow for internals References: <353CD4ED.37E7FCFA@wizeup.com> <370933AB.28F5D255@wizeup.com> <19990406133756.A728@austin.rr.com> Content-Type: text/plain; charset=gb2312 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thank you all. I do not solve the problem yet, and would like to offer the further info. 1. My FreeBSD machine is a gateway which bridges Internet and an internal network. 209.83.165.224 ------------ 192.168.1.1 Internet <---------------0 Gateway 0-------------> internal ------------ 2. It is not a DNS problem since the elapsed time is similar to ping 192.168.1.1 and 209.83.165.224 on the gateway or an internal machine. 3. It is not a firewall problem becasue NATD did not work only in that period. NATD works well now and any internal machines access Internet without an obvoius delay. 4. I have tested local TELNET and FTP on the gateway, and the result is that telnet and ftp to 209.83.165.224 take less than 1 second and but that telnet and ftp to 192.168.1.1 take 3 minutes. They are local connections! If somebody attacked this gateway, what had he done? Looking forward to your reply. Phil > > On Mon, Apr 05, 1999 at 06:05:31PM -0400, Phil Wang wrote: > --> Hi all, > > --> I got a strange problem with my FreeBSD 2.2.5 machine, which is used as > --> mail/pop3, ftp and httpd servers. Two network interface cards are > --> installed on it, one is used to connect Internet, another is to connect > --> an internal network. All machines (PC and MACs) internal network use > --> NATD to do external access. > > --> This morning, we found at first that a pop3 client took more than 5 > --> minutes to download emails from this pop3 server (sometimes failed), and > --> later found that ftp and httpd services did too. It was very quick last > --> Thursday, this machine was not turned down during the following > --> holidays. > > --> But it looks no slow to access those servers from external Internet or > --> access Internet from internal machines. So, what is the problem? > > --> I checked all the logs outputed from system processes, only one message > --> repeated several times in /var/log/message may be useful. > > --> > --> Apr 2 11:08:19 wizeup natd: failed to write packet back (Permission > --> denied) > --> Apr 2 11:08:49 wizeup natd: failed to write packet back (Permission > --> denied) > --> Apr 2 11:10:54 wizeup last message repeated 4 times > --> Apr 2 11:13:10 wizeup last message repeated 4 times > --> Apr 2 11:13:21 wizeup popper[11123]: (v2.4b2) Unable to get canonical > --> name of c > --> lient, err = 0 > > This looks like the server can not find itself in the DNS system. If your > local DNS is not working, then all of the connections could take a long > time. Unable to get cannonical name of client indicates to me that the > reverse dns ip number to name lookup is not working. > > --> Does any body help it? > > --> Thanks, > --> Phil > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message