Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 8 Feb 2001 20:33:49 +1000
From:      "Doug Young" <dougy@gargoyle.apana.org.au>
To:        "Ted Mittelstaedt" <tedm@toybox.placo.com>, <Graham.Lillico@itnet.co.uk>, <freebsd-newbies@FreeBSD.ORG>
Subject:   Re: SSH
Message-ID:  <012801c091ba$a14d0da0$847e03cb@apana.org.au>
References:  <004301c091b9$06817aa0$1401a8c0@tedm.placo.com>

next in thread | previous in thread | raw e-mail | index | archive | help
That sounds a probable factor in many cases, however I get two minute SSH
logins when the machine I'm logging into is the same as one of the
nameservers ... one of them is on my LAN only a matter of inches /
millimeters away.

In all cases where I've used SSH, public IPs have been used at both ends.
I've just put it down to the neanderthal phone network in OZ, particularly
when its noticeably worse in peak times. I guess it could be that two of the
three nameservers are "unavailable" within the timeout period.but dunno why
the one on my LAN should be unavailable though.

----- Original Message -----
From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: "Doug Young" <dougy@gargoyle.apana.org.au>;
<Graham.Lillico@itnet.co.uk>; <freebsd-newbies@FreeBSD.ORG>
Sent: Thursday, February 08, 2001 8:22 PM
Subject: RE: SSH


> I've seen the 2 minute login problem on systems before.
>
> What you want to do is on the system that your telnetting
> or SSHing _to_ is you want to temporarily rename /etc/resolv.conf
> to something else.  Then, logout and log back in.  If the
> 2 minute delay disappears (which most of the time this will
> fix it) then what is going on is that the FreeBSD system is
> seeing the incoming Telnet or SSH request from you and is
> then issuing a DNS lookup for the Reverse Address Record for
> the IP number that your coming in from - and the DNS server
> that it's using is timing out.  FreeBSD does this in order to
> write a log entry for the activity that contains the real name
> of the host, not just it's IP number.
>
> Most of the time DNS servers will fail on reverse address
> queries is because the authority responsible for numbering
> has not properly configured PTR lookups.  If it's a public
> IP number then the numbering authority is the ISP you got
> the number from.  If it's a RFC1918 number that you assigned,
> then your it.  And, note that simply having an empty PTR
> record for the IP number in the DNS is not going to produce
> this problem - the misconfiguration has to be more serious than
> that.  Common examples are ISP's that specify IP numbers of old
> nameservers in ARIN's records (that are subsequently taken down)
> or administrators that set up private DNS servers that cannot
> make PTR lookups.  (often for RFC1918 number ranges)
>
> The remaining time that the DNS lookups usually will fail is
> if an IP number for a nameserver that is specified in /etc/rc.conf
> is unreachable.
>
> Ted Mittelstaedt                      tedm@toybox.placo.com
> Author of:          The FreeBSD Corporate Networker's Guide
> Book website:         http://www.freebsd-corp-net-guide.com
>
>
> > -----Original Message-----
> > From: owner-freebsd-newbies@FreeBSD.ORG
> > [mailto:owner-freebsd-newbies@FreeBSD.ORG]On Behalf Of Doug Young
> > Sent: Thursday, February 08, 2001 1:26 AM
> > To: Graham.Lillico@itnet.co.uk; freebsd-newbies@FreeBSD.ORG
> > Subject: Re: SSH
> >
> >
> > As far as I know thats normal ..... every SSH login I've ever
> > seen has taken
> > about 2 minutes
> >
> > ----- Original Message -----
> > From: <Graham.Lillico@itnet.co.uk>
> > To: <freebsd-newbies@FreeBSD.ORG>
> > Sent: Thursday, February 08, 2001 7:21 PM
> > Subject: SSH
> >
> >
> > >
> > >
> > > Hi,
> > >
> > > Can anyone tell me why it is taking so long to log in via ssh, its
> > currently
> > > taking about 2 minutes from entering my password to getting a shell
> > prompt, is
> > > this right? if not any ideas what could be causing it?
> > >
> > > Graham
> > >
> > >
> > >
> > >
> > >
> > ******************************************************************
> > **********
> > *******
> > > http://www.itnet.co.uk
> > > http://www.itnet.co.uk/eb  -  Click here to see ITNET's ebusiness
> > capabilities
> > >
> > > Any opinions expressed in this email are those of the individual and
> > > not necessarily those of ITNET plc and/or its subsidiaries. This email
> > > and any files transmitted with it, including replies and forwarded
> > > copies (which may contain alterations) subsequently transmitted from
> > > ITNET plc and/or its subsidiaries, are confidential and solely for the
> > > use of the intended recipient. If you are not the intended recipient
> > > or the person responsible for delivering to the intended recipient, be
> > > advised that  you have received this email in error and that any use
> > > is strictly prohibited.
> > >
> > > If you have received this email in error please notify ITNET Customer
> > Service
> > > Centre by telephone on +44 (0)121 683 4043 or via email to
> > > csccom@itnet.co.uk, including a copy of this message.
> > > Please then delete this email and destroy any copies of it.
> > >
> > ******************************************************************
> > **********
> > *******
> > >
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-newbies" in the body of the message
> > >
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-newbies" in the body of the message
> >
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?012801c091ba$a14d0da0$847e03cb>