Topic: inetd slowness
started by: damien_s_lucifer
Posted by Spydir on Dec. 10 2001,19:21
I have a somewhat similar problem. it takes about 10-15 seconds before anything inetd's running to catch up. Sucks when I try to ssh in to just get the uptime...you don't happen to be using slackware? One of my friends has seen similar problems. we think it's a problem with some one of the slack8 packages
------------------
Net Syndrome - < www.netsyndrome.net >
Catch The Sickness
Posted by incubus on Dec. 11 2001,01:37
quote:
Originally posted by damien_s_lucifer:
This is a problem I've had on a few Linux box0rs. Servers than run through inetd are really slow to start. Telnet, for example, takes 10-15 seconds before giving me a login prompt. I'm having the same problem with imap and pop3.Any suggestions?
TCPwrappers may be deciding to do a reverse dns lookup on your host and its taking a while or port 53 is firewalled on the host and it times out or you have no rdns in-addr.arpa record and it times out looking for one.....
------------------
"just pressin y0 butt0ns f00" -- miNus
Posted by damien_s_lucifer on Dec. 11 2001,02:15
Yes, it's Slackware 7.x (I think 7.0).Hmm... tcpwrappers doing a reverse DNS sounds like the most likely candidate. Now the question is, how do I stop it from doing reverse DNS without disabling tcpwrappers?
Posted by damien_s_lucifer on Dec. 11 2001,05:42
This is a problem I've had on a few Linux box0rs. Servers than run through inetd are really slow to start. Telnet, for example, takes 10-15 seconds before giving me a login prompt. I'm having the same problem with imap and pop3.Any suggestions?
Posted by incubus on Dec. 12 2001,01:51
quote:
Originally posted by damien_s_lucifer:
Yes, it's Slackware 7.x (I think 7.0).Hmm... tcpwrappers doing a reverse DNS sounds like the most likely candidate. Now the question is, how do I stop it from doing reverse DNS without disabling tcpwrappers?
Hmmm ... all i can say is check inetd.conf ... im usng xinetd so i wouldnt have the foggiest mate.
omg how could anyone understand my earlier post? i was mashed lol
------------------
"just pressin y0 butt0ns f00" -- miNus
Posted by damien_s_lucifer on Dec. 19 2001,00:05
I tracked it down to TCP wrappers... yanked 'em off my IMAP server.Everyone who had an account was bitch0ring about slow email... they're all happy now
Posted by incubus on Dec. 19 2001,02:11
| Quote (damien_s_lucifer @ Dec. 19 2001,00:05) |
| I tracked it down to TCP wrappers... yanked 'em off my IMAP server. Everyone who had an account was bitch0ring about slow email... they're all happy now |
Wicked! I was right! w00t
Posted by aventari on Dec. 19 2001,06:40
So what to tcpwrappers do? All my redhat 6.2 boxes do the same shit at work, and i'd like to fix it. But if I pull tcpwrappers whats the downside?[W00tar! forums be back!]
av
Posted by damien_s_lucifer on Dec. 20 2001,00:49
TCP wrappers allow you to control access to Internet services by IP address / subnet / domain.For example, I have telnet open on my machine, but it only allows connections from my LAN. Outside of my house you have to use SSH. This is great for Telnet, but kind of stupid for email where you usually want world access.
To disable TCP wrappers on a service, you need to edit /etc/inetd.conf. Back it up first - last thing you want is for a bad config file to kill inetd and you can't get it restarted.
You'll need to be root to do this :
Open /etc/inetd.conf in an editor and find the line for the service you want to modify. Here's an example of an entry for POP3 :
| Code Sample |
| pop3 stream tcp nowait root /usr/sbin/tcpd gnu-pop3d |
To remove TCP wrappers from this service, you need to yank out tcpd and have inetd call gnu-pop3d directly:
| Code Sample |
| pop3 stream tcp nowait root /usr/sbin/gnu-pop3d |
Save the file and restart inetd with
killall -HUP inetd
and that's it... no more TCP wrappers on that service.
I left them on Telnet, though. I can wait 20 seconds to open a Telnet session. It was the slow email that pissed me off.
Posted by Spydir on Dec. 21 2001,03:15
ok... I can't wait 20 seconds for putty to ssh into my linux box. Well I can, but I don't want to. I followed what you said, and it still does that crap. Any idea?
Posted by damien_s_lucifer on Dec. 21 2001,06:29
don't run sshd out of inetd. Comment out the SSH line in inetd entirely, restart inetd, and start sshd from the command line like this :/path/to/ssh/sshd
Then edit your boot scripts so that it will start automatically when the system comes up.
Posted by Spydir on Dec. 21 2001,21:42
yeah, that's what I do. Still takes forever to log in. I dunno, could just be I'm an idiot and doing something wrong... whatever, sooner or later it won't matter cuz I'll be on it locally all the time
Posted by aventari on Dec. 22 2001,21:27
from what I understand, if it takes 20 seconds or so to start a program like telnet or ssh, then it's taking that time to try and do a DNS lookup, and then timing out. Well I setup a bootp server at work, and it worked great, UNTIL the DSL connection went down for a while. Bootp refused to work. Is there a way to tell your linux box to NEVER resolve DNS requests?
Posted by damien_s_lucifer on Dec. 23 2001,10:19
It's not necessarily DNS timing out. Reverse DNS lookups can be notoriously slow.The bootp problem is interesting, since it shouldn't rely on DNS to work. Have you tried using DHCP instead?
Posted by kbreak on Dec. 24 2001,04:32
hey DSL; I'm thinking this thread might need a write-up on detnet. Would you be interested? Seems the community is!kbreak
Posted by damien_s_lucifer on Jan. 03 2002,10:11
you could always link to the thread. File it under "Linux networking."