
#1 2009-06-13 13:47:39

Dieter@be
Forum Fellow
From: Belgium
Registered: 2006-11-05
Posts: 2,000
Website

[Solved] ssh to local box can take ages

I have a few boxes in my 192.168.1.* network.
One of them is 192.168.1.2 (which is also externally reachable natted through my router by $dyndns)
Locally, it has the alias 'server'

When I do ssh 192.168.1.2 or ssh server, it takes about 30 seconds or so until I'm logged in.  But if I log out immediately and do the same command it's instantaneous.
If however I wait a while (another 30s or so) I'll have to wait again.
If I go externally, by doing ssh $dyndns it works really fast.
Since by local ip the problem is the same, I don't think it's a dns problem.

My box:

dieter@dieter-ws-a7n8x-arch ~ ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:26:54:12:C7:41  
          inet addr:192.168.1.213  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::226:54ff:fe12:c741/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6439112 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3391755 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:937142761 (893.7 Mb)  TX bytes:250656863 (239.0 Mb)
          Interrupt:22 Base address:0xc000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:355508 errors:0 dropped:0 overruns:0 frame:0
          TX packets:355508 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:63262641 (60.3 Mb)  TX bytes:63262641 (60.3 Mb)

dieter@dieter-ws-a7n8x-arch ~ cat /etc/nsswitch.conf
# Begin /etc/nsswitch.conf

passwd: files
group: files
shadow: files

publickey: files

hosts: files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: db files

# End /etc/nsswitch.conf
dieter@dieter-ws-a7n8x-arch ~ time host 192.168.1.2
Host 2.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)

real    0m0.279s
user    0m0.003s
sys    0m0.010s
dieter@dieter-ws-a7n8x-arch ~ time host server
Host server not found: 3(NXDOMAIN)

real    0m0.032s
user    0m0.000s
sys    0m0.003s

Server:

[dieter@dieter-p4sci-arch ~]$ ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:30:48:85:42:1E  
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::230:48ff:fe85:421e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:50402978 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31536541 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1494264403 (1425.0 Mb)  TX bytes:1009906286 (963.1 Mb)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:311373 errors:0 dropped:0 overruns:0 frame:0
          TX packets:311373 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:24417119 (23.2 Mb)  TX bytes:24417119 (23.2 Mb)

[dieter@dieter-p4sci-arch ~]$ cat /etc/nsswitch.conf 
# Begin /etc/nsswitch.conf

passwd: files
group: files
shadow: files

publickey: files

hosts: files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: db files

# End /etc/nsswitch.conf
[dieter@dieter-p4sci-arch ~]$ cat /etc/resolv.conf 
# Generated by dhcpcd
# /etc/resolv.conf.head can replace this line
nameserver 192.168.1.1
#nameserver 212.71.0.33
# /etc/resolv.conf.tail can replace this line
[dieter@dieter-p4sci-arch ~]$ cat /etc/hosts.allow
#
# /etc/hosts.allow
#
sshd: ALL 
# End of file
nfsd: 192.168.1.213, 192.168.1.64
portmap: 192.168.1.213, 192.168.1.64
mountd: 192.168.1.213, 192.168.1.64

Last edited by Dieter@be (2009-06-13 19:06:31)


< Daenyth> and he works prolifically
4 8 15 16 23 42

Offline

#2 2009-06-13 13:52:03

gazj
Member
From: /home/gazj -> /uk/cambs
Registered: 2007-02-09
Posts: 681
Website

Re: [Solved] ssh to local box can take ages

Have you tried resetting your router?  A router builds a routing table of what machine is on the end of each of its network points.  This could be a problem if you have done any switching around.  I don't know how I know this, it seems very vague in my mind so I could be talking a load of tosh, but it's worth a try :)

Offline

#3 2009-06-13 13:53:40

gazj
Member
From: /home/gazj -> /uk/cambs
Registered: 2007-02-09
Posts: 681
Website

Re: [Solved] ssh to local box can take ages

the traceroute command may help you in diagnosing the route to your server

traceroute 192.168.1.2

Offline

#4 2009-06-13 14:32:43

Dieter@be
Forum Fellow
From: Belgium
Registered: 2006-11-05
Posts: 2,000
Website

Re: [Solved] ssh to local box can take ages

dieter@dieter-ws-a7n8x-arch ~ traceroute 192.168.1.2
traceroute to 192.168.1.2 (192.168.1.2), 30 hops max, 40 byte packets
 1  server (192.168.1.2)  0.275 ms  0.122 ms  0.086 ms
dieter@dieter-ws-a7n8x-arch ~ time ssh !$
time ssh 192.168.1.2
Last login: Sat Jun 13 15:43:48 2009 from 192.168.1.213
[dieter@dieter-p4sci-arch ~]$ logout
Connection to 192.168.1.2 closed.

real    0m17.330s
user    0m0.010s
sys    0m0.007s


Offline

#5 2009-06-13 15:20:12

gazj
Member
From: /home/gazj -> /uk/cambs
Registered: 2007-02-09
Posts: 681
Website

Re: [Solved] ssh to local box can take ages

Is your server falling asleep?  I.e. disks spinning down, network interfaces sleeping, general power saving etc.

I have a samba server that I maintain at work.  The first access after a long period takes about 10 seconds for the server to respond, but afterwards is very responsive.  Much like your problem.

EDIT: Actually this can't be your problem as it works fine coming in from the outside.  Unless you have a different physical network interface for the inside and the outside world

Hmmm

Last edited by gazj (2009-06-13 15:26:29)

Offline

#6 2009-06-13 18:40:56

Dieter@be
Forum Fellow
From: Belgium
Registered: 2006-11-05
Posts: 2,000
Website

Re: [Solved] ssh to local box can take ages

gazj wrote:

Is your server falling asleep?  I.e. disks spinning down, network interfaces sleeping, general power saving etc.

I have a samba server that I maintain at work.  The first access after a long period takes about 10 seconds for the server to respond, but afterwards is very responsive.  Much like your problem.

EDIT: Actually this can't be your problem as it works fine coming in from the outside.  Unless you have a different physical network interface for the inside and the outside world

Hmmm

right. same interface. this is not it :)

I also don't think the routing table from the router has anything to do with this. going to the local ip/name doesn't even involve the router



Offline

#7 2009-06-13 18:57:05

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,622
Website

Re: [Solved] ssh to local box can take ages

try setting 'DNS no' in your /etc/ssh/sshd_config on the server, then restart sshd.


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

#8 2009-06-13 19:05:03

Dieter@be
Forum Fellow
From: Belgium
Registered: 2006-11-05
Posts: 2,000
Website

Re: [Solved] ssh to local box can take ages

cactus wrote:

try setting 'DNS no' in your /etc/ssh/sshd_config on the server, then restart sshd.

Thanks. That was it :) I spent too much time looking on the "forward" resolving, forgetting that the sshd might want to do a reverse lookup too :)
Setting `UseDNS no` seems to have fixed it.  Actually I've put the default again there and added the host I'm connecting from to the /etc/hosts file of the server



Offline

#9 2009-06-13 22:13:11

gazj
Member
From: /home/gazj -> /uk/cambs
Registered: 2007-02-09
Posts: 681
Website

Re: [Solved] ssh to local box can take ages

Yeah, well done cactus, I really was looking up the wrong tree there, lol

Offline

#10 2009-06-14 00:48:27

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,622
Website

Re: [Solved] ssh to local box can take ages

gazj wrote:

Yeah, well done cactus, I really was looking up the wrong tree there, lol

heh. it used to happen to me all the time, so I had a good idea what was causing it.

on some servers I also add "-u0" to the init command, because I know what IPs should be accessing the box, and can more readily identify a bad ip in the utmp than a weird hostname.

some more info:
http://www.openssh.com/faq.html#3.3



Offline
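
The diagnosis reached in this thread, as an added example that is not part of any post: run on the server, it reports whether sshd's reverse lookup of a client address is turned off by `UseDNS no`, answered from /etc/hosts (the `hosts: files dns` order shown in post #1), or left to DNS, and times the lookup. The function names and the `default="yes"` fallback are assumptions of this example; the sample values in the comments are constructed.

```python
import socket
import sys
import time

def effective_usedns(sshd_config_text, default="yes"):
    """Return the UseDNS value in effect. sshd keeps the first value it reads
    for a keyword; default="yes" is an assumption matching the thread's server."""
    for raw in sshd_config_text.splitlines():
        parts = raw.replace("=", " ", 1).split()
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":
            break                       # global settings end at the first Match block
        if key == "usedns" and len(parts) > 1:
            return parts[1].lower()
    return default

def hosts_names(hosts_text, ip):
    """Names that /etc/hosts maps to ip, or [] if the address is not listed."""
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields and fields[0] == ip:
            return fields[1:]
    return []

def classify(sshd_config_text, hosts_text, client_ip):
    """Where the reverse lookup of client_ip is answered on this server."""
    if effective_usedns(sshd_config_text) == "no":
        return "skipped"      # the first fix reported in the thread
    if hosts_names(hosts_text, client_ip):
        return "hosts-file"   # 'files' answers before 'dns' is consulted
    return "dns"              # goes to the nameserver in /etc/resolv.conf

def read_or_empty(path):
    try:
        with open(path) as f:
            return f.read()
    except OSError:
        return ""

if __name__ == "__main__":
    ip = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.213"
    where = classify(read_or_empty("/etc/ssh/sshd_config"), read_or_empty("/etc/hosts"), ip)
    start = time.monotonic()
    try:
        name = socket.gethostbyaddr(ip)[0]   # same NSS path as 'hosts: files dns'
    except OSError:
        name = None
    print(f"{ip}: answered by {where}, name={name}, took {time.monotonic() - start:.2f}s")
```

A lookup classified as `dns` that takes many seconds points at the resolver in /etc/resolv.conf not answering PTR queries for the local range promptly.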
