From owner-freebsd-questions@FreeBSD.ORG Wed Dec 31 08:22:26 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91D2816A4CE for ; Wed, 31 Dec 2003 08:22:26 -0800 (PST) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2DF6543D2D for ; Wed, 31 Dec 2003 08:22:23 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) hBVGMEwd006401 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 31 Dec 2003 16:22:15 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id hBVGME7t006400; Wed, 31 Dec 2003 16:22:14 GMT (envelope-from matthew) Date: Wed, 31 Dec 2003 16:22:14 +0000 From: Matthew Seaman To: John Von Essen Message-ID: <20031231162214.GA5645@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , John Von Essen , freebsd-questions@freebsd.org References: <20031231095115.GA98228@happy-idiot-talk.infracaninophile.co.uk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="n8g4imXOkfNTN/H1" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.5.1i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.61 X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on happy-idiot-talk.infracaninophile.co.uk cc: freebsd-questions@freebsd.org Subject: Re: rsh and rcp problems between Solaris and FreeBSD X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Dec 2003 16:22:26 -0000 --n8g4imXOkfNTN/H1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 31, 2003 at 10:08:03AM -0500, John Von Essen wrote: > I can do two rsh's back to back with no problems, its the third (and 4th > and so on) that hang. >=20 > On the FreeBSD side, after the first rsh, netstat shows: >=20 > tcp4 0 0 mx100.851 embryo.bluebell..1021=20 > TIME_WAIT > tcp4 0 0 mx100.shell embryo.bluebell..1022 > TIME_WAIT >=20 > Those connections stay around for awhile, about 30 seconds. Only when they > disappear does the next rsh work. OK. Some progress. This rules out problems due to limitations in the number of possible connections you can have open at any one time -- if the limit is just two, then there would be a lot more things complaining than just rcp(1). And you'ld have to try exceedingly hard to get a FBSD system that limited. Hmmm... What flags are you invoking inetd(8) with on the FreeBSD side? Specifically are you using any of these (quoting from the manual page): -c maximum Specify the default maximum number of simultaneous invocations= of each service; the default is unlimited. May be overridden on a per-service basis with the "max-child" parameter. -C rate Specify the default maximum number of times a service can be invoked from a single IP address in one minute; the default is unlimited. May be overridden on a per-service basis with the "max-connections-per-ip-per-minute" parameter. -R rate Specify the maximum number of times a service can be invoked in one minute; the default is 256. A rate of 0 allows an unlimit= ed number of invocations. -s maximum Specify the default maximum number of simultaneous invocations= of each service from a single IP address; the default is unlimite= d. May be overridden on a per-service basis with the "max-child-p= er- ip" parameter. The symptoms you describe could be caused eg. by running with '-s 2' in the inetd flags (you're getting two socket connections per rsh or rcp invocation because a second channel is opened to carry the stderr =66rom the invoked command, but that doesn't count towards inetd's connection limits). The default for all of these is unlimited (ie. inetd_flags=3D"-wW") and there aren't any per-service limits on the rsh (shell) service in the default inetd.conf. I generally use: inetd_flags=3D"-wWl -R 1024 -c 128 -a ${hostname}" in my /etc/rc.conf on internet facing machines where I run inetd(8) -- if this is a purely internal machine (which it certainly should be if you're using rsh(1) on it) then I wouldn't bother with any sort of connection rate-limiting, at least for the time being. Hmmm... As well -- what's the output of: % sysctl net.inet.tcp.delayed_ack You might try setting that to zero to turn off delayed ack. That's where the system will wait for about a minute before sending an ACK in order to try and coalesce it with a data packet. Usually that's a win performance-wise. See tcp(4). There's also the RFC1644 support you might want to try toggling: see ttcp(4) -- I'm unable to find any definitive statement on the net about Solaris support for this, so no idea if it will actually help or not. > As for the rcp, I was missing a trailing slash, apparently rcp -r syntax > between Solaris and FreeBSD is a little different. So the rcp's work, but > that take just as long as the rsh calls. That's one problem down then. Good. > As for name resolution, the Solaris box uses dns, and so does FreeBSD. > Both have some entries in the hosts file. That's good too. Rules out some more areas which could be causing the trouble. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --n8g4imXOkfNTN/H1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQE/8ve2dtESqEQa7a0RAhBjAKCbf3hCpaSL9ufkoyzT7su6xZgEcgCfeq/Q GT0SSWULt5FEr75qUsp7CQs= =76Ck -----END PGP SIGNATURE----- --n8g4imXOkfNTN/H1--