From owner-freebsd-questions@FreeBSD.ORG Mon Jun 6 02:49:31 2005 Return-Path: X-Original-To: freebsd-questions@FreeBSD.org Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 766F916A41C for ; Mon, 6 Jun 2005 02:49:31 +0000 (GMT) (envelope-from rmarella@gmail.com) Received: from ms-smtp-01-eri0.socal.rr.com (ms-smtp-01-qfe0.socal.rr.com [66.75.162.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id 440F443D4C for ; Mon, 6 Jun 2005 02:49:31 +0000 (GMT) (envelope-from rmarella@gmail.com) Received: from [10.0.0.101] (cpe-66-8-186-59.hawaii.res.rr.com [66.8.186.59]) by ms-smtp-01-eri0.socal.rr.com (8.12.10/8.12.7) with ESMTP id j562nQFf013022; Sun, 5 Jun 2005 19:49:27 -0700 (PDT) Message-ID: <42A3B9B6.5070800@gmail.com> Date: Sun, 05 Jun 2005 16:49:26 -1000 From: Robert Marella User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050512 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jonathan Chen , freebsd-questions@FreeBSD.org References: <5EEBE9C3C61D1142994C6B620C51E847110B80@depot.weblinkmo.com> <17059.37867.174248.688500@jerusalem.litteratus.org> <42A3A5F4.8090807@gmail.com> <20050606023235.GA81334@osiris.chen.org.nz> In-Reply-To: <20050606023235.GA81334@osiris.chen.org.nz> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: Symantec AntiVirus Scan Engine Cc: Subject: Re: ssh delays 40 seconds X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jun 2005 02:49:31 -0000 Jonathan Chen wrote: > On Sun, Jun 05, 2005 at 03:25:08PM -1000, Robert Marella wrote: > >>Robert Huff wrote: >> >>>Richard J. Valenta writes: >>> >>> >>> >>>>I had this problem in the past, and it was due to DNS problems where my >>>>IP from the client machine was unable to be resolved... but I think it >>>>took longer than 40 seconds. I mentioned this in this list before, a >>>>search of the list may help. >>> >>> >>> Affirmed for the general case. "30 second delay, then normal >>>network activity" _screams_ DNS misconfiguration, usually but not >>>always in the client side. >>> >>> >>> Robert Huff >> >>Forgive me if I am dense. According to the readout of "ssh -vvv gateway" >>the connection is made immediately. Does that not indicate that it knew >>where to go? > > > It's not the forward case that's the problem. The sshd daemon on the > server side attempts to find out where the connection is from by doing > a reverse-lookup. If the incoming IP hasn't got a DNS entry, the failing > DNS ip-lookup will time out in ~30s. > > Cheers. Jonathan Thanks for responding. In all of my systems /etc/hosts is populated with the name and LAN IP address of all other boxes. My gateway/firewall is a 5.4 Rel computer. I can ping that box "it's called gateway" with ping gateway or ping 10.0.0.1 no problem. I ssh there and it takes 40 seconds to provide me with a request for passphase. Once I'm in there I can ping all other boxes with name or IP. If I ssh from there to any box it takes 40 seconds for that next box to request a password. This happens from any box to any box. It was working perfectly until this week. It might be realted to me updating the gateway box from 5.3 to 5.4 but I know I had accessed it right after upgrade because it is headless and I had to ssh into it to do the world/kernel thing. Other than /etc/hosts and /etc/resolv.conf is there any other config files I should check. Thanks again for your time. Robert