Topic: ssh login and FTP very slow

[guestHH]

Hi all,

With version 5.2.1 is notice the following:

- Extreme long waiting time for password prompt with ssh login(Putty)
- Extreme long waiting time when trying to ftp to an ibay (share@myserver.net)

Now I have to say I've implemented some php applications but I don't think this has anything to do with ssh and ftp.

I also noticed that a fresh install of 5.1.2 does not suffer from the above symptoms, but an upgraded system (4.x -> 5.1.2) does.

Does anybody else have these 'problems'?
MITEL is there something we should know ?

Thanks anyway.
Regards,

guestHH

[Luke Drumm]

I've noticed it with a clean install of 5.1.2 (ie. I'm suffering with it right now).
Regards,
Luke

[guestHH]

Oh ok Luke,

MITEL can you inform us of any 'stange' behaviour??

Thanks Luke.

Regards,
guestHH

[Luke Drumm]

Upon looking through the logs, I noticed the following:

sshd[3651]: Could not reverse map address 192.168.191.67

Could this be the cause of the problems?
Regards,
Luke

[Luke Drumm]

Upon looking through the logs, I noticed the following:

sshd[3651]: Could not reverse map address 192.168.191.67

Could this be the cause of the problems?
Regards,
Luke

[Luke Drumm]

In addition to this, when I do an nslookup for 192.168.191.67 (one of the workstations) I notice its attempting to resolve the IP address outside the network.

The subnet mask for the internal netwrok looks okay when I run IfConfig.

Route reveals the following:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
255.255.255.255 *               255.255.255.255 UH    0      0        0 eth0
192.168.191.0   *               255.255.255.0   U     0      0        0 eth0
[ISP SUPPLIED STUFF].0   *               255.255.240.0   U     0      0        0 eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         [ISP SUPPLIED STUFF] 0.0.0.0         UG    0      0        0 eth1

Does anyhting look dodgey here?
Regards,
Luke

[guestHH]

Hi Luke,

Same here:

Mar  7 19:43:51 star-support sshd[11362]: Could not reverse map address 192.168.1.75.


AND nslookup 192.168.1.75 take the lookup outside of my local network.

My routing table:
eth0      Link encap:Ethernet  HWaddr 00:10:A7:0A:38:F6
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1474996 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1581489 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:10 Base address:0xbc00

eth1      Link encap:Ethernet  HWaddr 00:10:A7:0A:36:5F
          inet addr:[ISP SUPPLIED]  Bcast:[ISP SUPPLIED]  Mask:255.255.252.0
          UP BROADCAST NOTRAILERS RUNNING  MTU:1500  Metric:1
          RX packets:8120173 errors:4 dropped:0 overruns:0 frame:0
          TX packets:855917 errors:0 dropped:0 overruns:0 carrier:0
          collisions:23894 txqueuelen:100
          Interrupt:10 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:414576 errors:0 dropped:0 overruns:0 frame:0
          TX packets:414576 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

So what does this mean???? Are we looking at a routing problem, resolve problem, dns problem...

Regards,
guestHH

[Ari]

And joy of joys...
even after the bloody reload... *grumble grumble* my problem is back too.
Slow FTP... slow SSH using putty...

but I find this very interesting:
[root@tbfcserv01 /root]# nslookup 192.168.1.1
Server:  ns1nr.wp.shawcable.net
Address:  24.66.94.195

*** ns1nr.wp.shawcable.net can't find 192.168.1.1: No response from server

192.168.1.1 is the internal IP of my server. Neat huh?

eth0      Link encap:Ethernet  HWaddr 00:50:BF:17:68:1A
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          EtherTalk Phase 2 addr:65280/112
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8842 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9381 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:11 Base address:0xa800

eth1      Link encap:Ethernet  HWaddr 00:50:BA:A7:68:46
          inet addr:24.85.12.224  Bcast:24.85.15.255  Mask:255.255.252.0
          UP BROADCAST NOTRAILERS RUNNING  MTU:1500  Metric:1
          RX packets:778 errors:0 dropped:0 overruns:0 frame:0
          TX packets:734 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:5 Base address:0xb000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          EtherTalk Phase 2 addr:0/0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:2 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0


So WTF is going on here?
Why is the server trying to resolve the internal IP address externally?

(and yes, I have a DHCP assigned external IP address)

Ari

[Dan Brown]

Sounds like all of you may be specifying external DNS servers during the server config--is that right?  If so, what happens if you remove that entry?

[Ari]

Nope. No external DNS is configured during my setup - and DHCP is determined by hardware for the ext. IP.

[Ari]

In fact... here's my server config:

Ethernet settings
  Ethernet driver 1    : rtl8139
  Ethernet driver 2    : ne2k-pci

External network settings
  Operation mode       : server and gateway - dedicated
  DHCP client          : enabled (send ethernet address as client id)
  Dynamic DNS          : do not use dynamic DNS service

Local network settings
  Local IP address     : 192.168.1.1
  Local subnet mask    : 255.255.255.0
  DHCP server          : enabled, using host numbers from 192.168.1.65  to 192.168.1.250

Miscellaneous settings
  Primary domain name  : trollbane.com
  System name          : tbfcserv01
  External proxy       : no
  Status reports       : off
  Console mode         : login

Contact details can be configured by entering a contact e-mail address.


There ya go.

[Dan Brown]

Well, for some reason, it's trying to resolve hostnames via an external DNS server, which it shouldn't ever be doing if you haven't specified one.  What's in /etc/resolv.conf?

[Ari]

/etc/resolve.conf contains the following:

domain wp.shawcable.net
nameserver 24.66.94.195
nameserver 24.66.94.212
search wp.shawcable.net


and there in lies the problem.

I never told the server to use my ISP to resolve DNS. It did it of its own volition after the IP change through DHCP earlier today.

So...
easily correctable BUT for how long?

Why is this happening is the better question, I think.

Ari

[Ari]

And as soon as I changed the resolv.conf back to:

domain www.trollbane.com
nameserver 192.168.1.1

everything works fine again.

Interesting.

[Dan Brown]

My guess is that it's related to using DHCP.  DHCP, after all, does include methods for setting DNS parameters.  Don't know how to avoid it, though; probably some sort of change to the resolv.conf templates.