I have an odd problem. I run a ssh server, and a FTP server (OpenSSH, ProFTPD). For some reason, people on the internet (external) can access them just fine, but people on the internal network notice a large lag when connecting. This problem at times seems to resolve itself, only to come back at a random time later. (I've had it work just fine for one day, and then follow the slow connect trend a day later.)

With SSH, the prompt for a username is fast to come up, but the "authentication" of the password takes at least 30 seconds.

With FTP, the initial connection process itself is what lags for around 30 seconds.

I'm using Mandrake 8.1, and I'm also using the default mandrake internet connection sharing setup. My firewall (and a poor choice of one at that) is the latest version of Firestarter.

Any ideas!?

Could be the firewall.

I'm trying to fix the exact same thing right now, and I think it may be because the SSH/FTD server tries performing an ident lookup when authenticating (trying to connect to port 113). That gives a big latency.

I'm not sure if that means the FTP server (wu-ftp in my case) is trying to perform an ident on itself or what, but I'll let you know if I make any progress, and hopefully that helps you narrow things down a little

Sorry I'm a bit of a linux newbie

Hmm. You know, that's funny - I think I recall closing the IDENT port on my firewall when I installed the new version of Firestarter. I don't have an IDENT daemon running, but I do have oidentd installed in case I would ever need it (clients on LAN connecting to IRC networks that require IDENT response).

The thing is, the problem randomly occurs and then fixes itself, all while my firewall is running and no identd. My suspicion was a problem with hostnames and such, but being the newbie I am, I really don't know what to do about it. :P

Originally posted by w0rmh0l3
Hmm. You know, that's funny - I think I recall closing the IDENT port on my firewall when I installed the new version of Firestarter.

Do you know if the IDENT port drops packets or refuses them? If it's dropping them then it'll have to wait before a timeout.

Hmm.. let me know if you fix your prob, cuz I'm just guessing here. I'll be working on it once I'm outta work and I'll post here if I figure anything out too.

Good luck

It must have been dropping them - I opened the IDENT port and suddenly my SSH connections to my university mail server and IRC connections sped up (though there is no IDENT daemon actually running on the port.)

Still haven't figured out why I can't connect to my own SSH and FTP from within my LAN without lag, though!

Been trying to check out my logs in /var/log, and found some things - first of all, does anyone know what this is?

Mar 6 15:16:22 markley-161-217 modprobe: modprobe: Can't locate module ipt_ttl
Mar 6 17:39:18 markley-161-217 modprobe: modprobe: Can't locate module ipt_ttl
Mar 7 18:49:38 markley-161-217 modprobe: modprobe: Can't locate module ipt_ttl

What is ipt_ttl ?

Ahh, found the answer in a different thread (also took the advice of searching for topics related in the first place.. :P)

Check out the slow login thread, it has the solution. I just had to add an entry to my hosts file for computers on my LAN.

hi
i am facing a problem related to ftp. first of all i am using redhat linux 6.2 and have started the ftp server.still all the clients connected to this server are denied permission by the remote host or it gives a message which goes like:
>ftp:bind:10049
and am not able to execute any command except "cd".
kindly tell me what setting changes needs to be done to enable me to get/put/ls in ftp.
thanking you
venky

Originally posted by w0rmh0l3
Ahh, found the answer in a different thread (also took the advice of searching for topics related in the first place.. :P)

Check out the slow login thread, it has the solution. I just had to add an entry to my hosts file for computers on my LAN.

Yep fixed it the same way last night for SSH! Never found it searching here but I got some help over @ SF; although FTP still has to time out. I think it's because my FTP server is running on my external IP, so maybe I need to add my external IP as ahost too?? Thx w0rmhol3, and glad you got it running

Hmm, that's odd.. my FTP is running on the internal IP too and it worked just fine.. we're using different daemons though, I think?

Good luck!

No I'm running it on the external IP, but it is another daemon (wu-ftpd). I gues ftpd resolves the source ip as its own external ip when trying to resolve. I will probably just set up ftpd to listen on my LAN as well, it'd be more secure that way anyway.