TCP?

Rick Stevens ricks at nerd.com
Thu Oct 16 17:22:16 UTC 2008


Karl Pearson wrote:
> I have a new problem on my server. TCP connections are very slow.
> 
> For example, if I
> 
> # telnet localhost 25
> 
> I get the sendmail prompt immediately. But, if I do
> 
> # telnet 172.20.20.2 25
> 
> I get connected immediately, but the sendmail prompt comes up about 2 minutes
> later. Same for 10.0.0.1. Both IPs are on the same host, different NICs.
> 
> If I ssh to the machine, it's the same thing. This is causing email to
> time out and not be sent.
> 
> I've checked DNS and bad NICs, but nothing looks bad. Nothing has changed from
> my standpoint. I've rebooted my switches and firewall and still nothing
> changes. I ran chkrootkit and see nothing different from when things were
> running smoothly.
> 
> I do have a lot of things in my iptables, so I did
> 
> iptables -F
> 
> and tried sending an email. It still timed out...
> 
> Any thoughts?

This is a DNS issue.  Both sendmail and ssh are trying to find out
where the connection is coming from by doing a reverse DNS lookup on
the client IP.  If there is no DNS service OR there are no "PTR" records
in DNS which correspond with the IP the client is presenting, the system
will take a LONG time before those lookups time out and operations continue.

For ssh, you can edit the /etc/ssh/sshd_config file and set

	UseDNS no

(the default is "UseDNS yes").  There is a similar type of option in
sendmail, but I don't have my bat book handy to tell you what it is.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks at nerd.com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-     If you can't beat your computer at chess...try kickboxing!     -
----------------------------------------------------------------------
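As an added illustration of the diagnosis above (not part of the original thread): a small Python script that reports sshd's effective UseDNS setting from a config file's contents (first occurrence wins, default "yes") and times the same PTR lookup that sshd and sendmail perform for a client IP, with a deadline so the check itself cannot hang for minutes. The sample config text and the 5-second deadline are constructed for this example.

```python
"""Reverse-DNS delay diagnostics (added example, not from the original thread)."""
import ipaddress
import re
import socket
import threading
import time

# sshd_config syntax: keywords are case-insensitive, separated from their
# argument by whitespace or '=', and the FIRST occurrence of a keyword wins.
_KV = re.compile(r"^\s*(\S+?)(?:\s+|\s*=\s*)(.*?)\s*$")


def sshd_use_dns(config_text: str) -> bool:
    """Effective UseDNS value for the given sshd_config contents."""
    for line in config_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        m = _KV.match(line)
        if m and m.group(1).lower() == "usedns":
            return m.group(2).lower() == "yes"
    return True  # UseDNS defaults to "yes" when never set


def ptr_name(ip: str) -> str:
    """The in-addr.arpa / ip6.arpa name queried when reverse-resolving ip."""
    return ipaddress.ip_address(ip).reverse_pointer


def timed_reverse_lookup(ip: str, deadline: float = 5.0):
    """Run the PTR lookup a daemon would do for a connecting client, but stop
    waiting after `deadline` seconds. Returns (hostname, seconds, timed_out)."""
    result = []

    def worker():
        try:
            result.append(socket.gethostbyaddr(ip)[0])
        except OSError:
            result.append(None)  # NXDOMAIN, SERVFAIL or no resolver

    t = threading.Thread(target=worker, daemon=True)
    start = time.monotonic()
    t.start()
    t.join(deadline)
    return (result[0] if result else None), time.monotonic() - start, t.is_alive()


if __name__ == "__main__":
    # Constructed sample: the later "UseDNS yes" is ignored, first match wins.
    sample = "# sshd_config\nPort 22\nUseDNS no\nUseDNS yes\n"
    print("sshd will reverse-resolve clients:", sshd_use_dns(sample))
    for client in ("172.20.20.2", "10.0.0.1"):  # the IPs from the thread
        print(client, "->", ptr_name(client), timed_reverse_lookup(client))
```

A lookup that returns `(None, ~deadline, True)` is the signature of the problem described above: the connection completes, but the daemon sits in the resolver until its own, much longer, timeout expires.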