From owner-freebsd-questions Thu Jun 1 20:33:17 2000 Delivered-To: freebsd-questions@freebsd.org Received: from kbgroup.co.nz (gateway.kbgroup.co.nz [203.96.151.81]) by hub.freebsd.org (Postfix) with ESMTP id 7A2E937B547 for ; Thu, 1 Jun 2000 20:33:12 -0700 (PDT) (envelope-from dave.preece@kbgroup.co.nz) Received: from kb_exchange.kbgroup.co.nz ([202.202.203.10]) by gateway.kbgroup.co.nz with ESMTP id <115201>; Fri, 2 Jun 2000 15:48:01 +1200 Received: by internet.kbgroup.co.nz with Internet Mail Service (5.5.2650.21) id ; Fri, 2 Jun 2000 15:41:55 +1200 Message-ID: <67B808B0DD93D211ABEE0000B498356B2B4EA4@internet.kbgroup.co.nz> From: Dave Preece To: freebsd-questions@freebsd.org Subject: No login day. Serious hassle. MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Date: Fri, 2 Jun 2000 15:48:00 +1200 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Since it doesn't (as yet) involve any source code I thought I'd send this here and not to -hackers. Headache central. I run sshd and connect to my box through SecureCRT (an actually very good ssh client for Win32). Came in this morning and it wouldn't login. We could connect at layer 4, and some daemon and backgroud software I left running is fine, but not login as such. Since I mess around with firewalls a lot and locking myself out is not uncommon, I have a (shite) console connected to the serial port and can get a root login from here. So I got inetd up (normally disabled) and normal telnetd going and tried to connect again. The client connects instantly, but then takes ages (like, a minute) to get a login prompt. Not good, but at least I'm in. Once in, I waded through /var/log and could find nothing. Running ethereal onto a new telnet session showed what was happening (kinda): The three way handshake was completed and telnet opened the batting with the "Do suppress go ahead" command, which was acked. Then nothing for 75 seconds. It then continues and goes through to the ack for "Login:" within 0.5 seconds, as to be expected. Quite why, I don't know. I've seen a similar problem to this before, but on that occasion I had the default router set to an address not on the local subnet, and fixing that solved the login problem. On a hunch I decided to have a look at the arp cache with arp -a, which didn't seem to want to complete (ctrl-C'd it), then arp -na completed and appeared to solve all my problems. Everything goes fine, but there is still a significant gap (1.5 seconds) from "do suppress go ahead" to the next command. So, while I am 'fixed', I still have no idea what went wrong or why. It seems there was some kind of corruption in the arp cache that was causing a timeout to happen much the same as when I did something stupid with the default router. Is this the case? What can I do to prevent it? And why did it render sshd totally unable to login? A bit confused, but protective of uptime. Dave :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message