Hi,
I have a standalone machine with a few services, among them:
- bind/named on port 53 tcp
- ssh on port 22
- nfs server on few other default ports
The machine boots up really fast, but some ports are not open (maybe not in use) for some time. I mean ports 22 and 53.
I have to wait for some time (more than a minute) and then somehow they are ready to use.
I have iptables rules, but the ports are open, and I can log into the machine after some time.
I used nmap to see what ports are open, and right after boot I got this result:
$ sudo nmap -Pn 192.168.123.254
Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-30 14:24 CET
Nmap scan report for 192.168.123.254
Host is up (0.00045s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
111/tcp open rpcbind
MAC Address: 74:D4:35:1E:0F:ED (Giga-byte Technology)
Nmap done: 1 IP address (1 host up) scanned in 0.37 second
As I mentioned, after some time everything looks good:
$ sudo nmap -Pn 192.168.123.254
Starting Nmap 7.70 ( https://nmap.org ) at 2019-01-30 14:24 CET
Nmap scan report for 192.168.123.254
Host is up (0.00040s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
111/tcp open rpcbind
MAC Address: 74:D4:35:1E:0F:ED (Giga-byte Technology)
Nmap done: 1 IP address (1 host up) scanned in 0.34 seconds
Why does this problem look strange?
Because when I log into the machine directly, over tty1 for example, everything is ready to go and I don't have to wait.
Any idea why this is happening, and how to fix it?
Last edited by zx (2019-01-30 15:08:54)
Install and run haveged and see if that changes.
WOW @@
I would never have found that on my own.
Thank you very much.
I'm curious what was the actual problem and why does haveged solve it?
https://ugjka.net
"It is easier to fool people, than to convince them that they've been fooled" ~ Dr. Andrea Love
https://wiki.archlinux.org/index.php/Haveged
??
This command shows you how much entropy your server has collected. If it is rather low (<1000), you should probably install haveged. Otherwise cryptographic applications will block until there is enough entropy available, which could, e.g., result in slow WLAN speed if your server is a software access point.
Last edited by zx (2019-01-30 15:57:17)
In case someone is interested:
My /proc/sys/kernel/random/entropy_avail value was about 240 and grew over time. That value is without haveged enabled.
After starting haveged, my entropy_avail grew to 2400 and more.
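The entropy check discussed in the posts above, as an added example that is not part of the original thread: it classifies readings against the quoted "<1000" rule of thumb and can time how long after boot the pool takes to reach it. The function names and the `ENTROPY_FILE` and `THRESHOLD` variables are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
ENTROPY_FILE=${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}
THRESHOLD=${THRESHOLD:-1000}   # the "<1000" rule of thumb quoted above

# Print "ok", "low" or "invalid" for one reading; non-zero unless "ok".
classify_entropy() {
    case $1 in
        ''|*[!0-9]*) echo "invalid"; return 2 ;;
    esac
    if [ "$1" -lt "$THRESHOLD" ]; then
        echo "low"; return 1
    fi
    echo "ok"
}

# Print the estimate stored in a file (the kernel's counter by default).
read_entropy() {
    [ -r "${1:-$ENTROPY_FILE}" ] || return 2
    tr -d '[:space:]' < "${1:-$ENTROPY_FILE}"
}

# Poll once per second until the estimate reaches THRESHOLD or `timeout`
# seconds pass. Prints the seconds waited; returns 1 on timeout.
wait_for_entropy() {
    file=$1; timeout=$2; waited=0
    while :; do
        value=$(read_entropy "$file") || return 2
        if [ "$(classify_entropy "$value")" = "ok" ]; then
            echo "$waited"; return 0
        fi
        [ "$waited" -ge "$timeout" ] && break
        sleep 1
        waited=$((waited + 1))
    done
    echo "$waited"
    return 1
}

# The two readings reported in the thread, without and with haveged.
for sample in 240 2400; do
    printf '%s -> %s\n' "$sample" "$(classify_entropy "$sample")"
done
```

Calling `wait_for_entropy "" 120` right after boot, before and after enabling haveged, shows whether the delay in sshd and named tracks the pool filling up. On kernels from 5.18 onward entropy_avail is capped at 256, so the 1000 threshold is meaningful only on older kernels.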
I'm curious what was the actual problem and why does haveged solve it?
Relevant issues: https://bugs.archlinux.org/task/58355 https://bugzilla.redhat.com/show_bug.cgi?id=1572944#c7