[K12OSN] ssh and a wierd problem. . .
Eric Feldhusen
efeldhusen at chartermi.net
Tue Jul 27 22:56:23 UTC 2004
Les Mikesell wrote:
> On Tue, 2004-07-27 at 15:26, Doug Simpson wrote:
>
> The servers all make the same DNS query. Some are getting answers,
> some wait the 2+ minutes for a DNS timeout because of some firewalling
> issue. It may be an iptables setting on the machine itself or
> it may some external firewall. More rarely, it might be a
> problem with the DNS server that handles the reverse (number to
> name) lookup but normally if you can contact the server at
> all you'll get a quick failure and firewalls dropping packets
> cause slow timeouts. A stock k12ltsp install has it's own
> nameserver for the inside subnet so you won't see the problem
> when you connect from there.
I've seen the same problem with a stock FC1 box. Strangely enough, if I
pinged the box first, the ssh connection would work immediately. If I
logged in, worked, logged out and waited a few hours, the ssh delay
would happen again. I had disabled iptables and still had this problem.
But the solution for me was to update the server with all FC1 updates.
Two kernel updates ago, the problem went away and it has not been a
problem since.
--
Eric Feldhusen
Network Administrator for Adams, Chassell,
Dollar Bay, and Lake Linden Public Schools
email: eric at remc1.k12.mi.us
More information about the K12OSN
mailing list