[lug] Very long network connection times?
John Karns
jkarns at csd.net
Wed Dec 6 20:55:08 MST 2000
On Wed, 6 Dec 2000, Scott A. Herod uttered:
> A question about networking, probably tcpd in particular. I have
> two nearly identical PIIs running RH 6.2 at home that are connected with
> ethernet.
> One has a linksys card ( BTW, I noticed that the latest tulip driver
> will not compile with the headers from 2.4.0 test 7; netdevice.h has
> changed ) and the other a 3Com card. The two machines have IP addresses
> in 192.0.2.*, the netmask on each is 255.255.255.0, the gateway on
> each is set to 192.0.2.254.
> However, when I telnet from the 3Com machine to the linksys machine
> I get an immediate response. When I telnet from the linksys machine
> to the 3Com machine it takes about 2 minutes before the prompt
> actually appears. ( rlogin and ftp are similar. ) Even if I do
> "ftp localhost" on the 3Com machine, it takes about 2 minutes for
> a prompt to show up.
>
> Can anyone suggest where else to look for a problem? Does linuxconf
> lie about the DNS look-up? I use the 3Com machine for dial-up access
> and had it using DNS so that that would work, but told linuxconf to
> turn off DNS while I was trying to fix my internal network slowness.
>
> If the issue is tcpd trying to do name verification, why would one
> machine be different from the other?
I had virtually the same problem. When I checked the system logs it had
entries mentioning a reverse name lookup failure. I asked an ineptly
worded question here about whether tcp wrappers required DNS services to
function properly.
I found an answer which solved my problem by reading the
Home-network-mini-Howto. The author suggested putting the network
designation (excuse my lack of proper terminology) in /etc/hosts.allow,
which in my case was:
ALL: 127.0.0.1
ALL: 192.168.1.
with the final '.' in the local subnet designation. This fixed my
problem. I was then able to restore /etc/hosts.deny to it's original
state:
http-rman : ALL EXCEPT LOCAL
ALL: ALL
which before I had found necessary to disable the ALL:ALL to get any
connection at all.
I'm not enough of a network expert to know if this is the most elegant
solution, but it has been working for me.
P.S. I'm not using any gateway mechanism between the two as you mention
in your setup.
----------------------------------------------------------------------
John Karns jkarns at csd.net
Bogota, Colombia Voice: 57-1-341-0300
More information about the LUG
mailing list