|
slow login usually means dns reverse lookup issue
when an attempt to ssh or telnet into server "pauses" for 30 seconds, then lets you in, that usually indicates the server is misconfigured trying to do reverse IP address lookups. The server wants to log the hostname that the ssh/telnet session is coming from. The standard DNS server timeout is 30 seconds, so if when hosts have a DNS issue, this is how the problem is often reported.
Some things you might try:
1) Check the "hosts" line in /etc/nsswitch.conf, see if it refers to DNS. If you are using NIS, then you probably don't want that in there. If you ARE using DNS, check your /etc/resolv.conf file, and run the "host IP.AD.DR.ESS" command to verify your compute node is able to do DNS lookups successfully.
2) login into one of your compute nodes and run the "who" command. If it lists your hostname properly, it's working okay, but if it lists your IP address instead, this means it cannot resolve your IP to a hostname.
3) make sure your NIS client and server aren't blocking ypbind access in the "/etc/hosts.allow" file. If you use hosts.allow to control access to network services, you probably need to allow the client access to the "ypbind" service and visa versa. It's an often overlooked security feature.
4) you can try running tcpdump or wireshark on the head node or compute node to sniff on the network while attempting to login from another window, to see what is happening on the wire. It's not too hard to figure out if it's doing YP lookups or something else during the pause.
5) it's been many years since I worked on a NIS network, but I believe there is a command "ypcat" which you should be able to use on the compute node to verify that it can access the hosts database on your NIS server.
|
