FTP connection slow, ssh normal, ??? 1

[danno74]

We have a Red Hat 9 linux server w/ ProFTPD 1.2.10. For some reason, it has been very slow to login, taking 10-15 seconds to get the user prompt, on the local network.

When I login via Putty with the ssh connection, it come right up.

Anything I can look at? Not very familiar with linux, so speak slowly for the newb!

Thanks

 

[LawnBoy]

I've had the same issue with ProFTPD. Switched to VSftpd, problem went away.

 

[anothermouse]

Slow connectivity on the local network, is often as a result of DNS or routing issues.

Check whether the ssh connection is to an ip address and whether the ftp connection is to a name. If so, either:

a. ftp to the ip address itself
b. Add an entry for the ip address concerned into the /etc/hosts file.

HTH

~~~~~~~~~~~~
A hacker has to be lucky once, the sysadmin has to be lucky always.

http://www.anothermouse.com

~~~~~~~~~~~~

 

[pansophic]

Also, many FTP servers will do a Reverse Address Resolution (RARP) request for incoming connections. If there is no resolvable name for your IP, then the connection will take seconds to minutes to establish.

In most FTP servers you can either turn the RARP off, but you could also put the IP addresses in the /etc/hosts table and see if that improves your connect speed.


pansophic

 

[danno74]

I do FTP to the address directly. I will look into the hosts table and see what is in there. Thank you.

 

[danno74]

Here's my host file:


127.0.0.1 monitor.mmri-ny.com localhost
172.21.221.7 mail.mmri-ny.com
172.21.221.2 mmrint

The last entry I added, it's our main DNS. The top two were there already, the second entry is our secondary DNS/Exchange server.

I logged in again and it was the same speed. Any other suggestions? Do I need to reboot it?

 

[danno74]

Also, I have found the following:

http://www.linuxheadquarters.com/howto/networking/networkconfig.shtml

I went through and there was some items missing in our config. I added and edited an incorrect subnet in the /etc/sysconfig/networks-scripts/ifcfg-eth0 and /etc/sysconfig/network files.

After I edit these files do they automatically take effect?

 

[danno74]

I was actually having a similar problem with another linux FTP server we have, and using the steps above, it has cleared up. I have not tried disabling RARP on either, I did put my IP in the hosts file of both, but the server I question in this post is still taking almost exactly 12-13 seconds each time to get a prompt.

 

[pansophic]

Are you using the same FTP server on both machines? If so, have you tried comparing config files?


pansophic

 

[danno74]

No, one is proFTP (new one), older one is not coming up today so I'm not sure, I think it is red hat 6.3, so whatever that OS comes packaged with I believe.

We have one client unable to connect to it due to firewall on their end, but would like to still get the response time for server down from 13 seconds locally. I guess my best options are updating version of proftp or using a different FTP program.

 

[pansophic]

If you are running RedHat 6.3 and the computer is internet accessible, it has likely been rooted for a long time. If you haven't run chkrootkit on it, I would strongly suggest that you do.

You are probably better off updating the entire OS rather than updating only the FTP server. Unless it is a honey pot.


pansophic

 

[danno74]

The one with proftp is red hat pro 9, does that need an update? we got it a few years ago.

 

[pansophic]

I believe that Red Hat has stopped supporting the pre-Enterprise versions of Red Hat in lieu of Fedora Core and Red Hat Enterprise Linux. If you can't get security updates for your software any more, then you probably need to upgrade.

Red Hat 6.3 is very old. I believe that Red Hat 9.0 is old enough that it isn't supported either.

You need to look at using yum and/or up2date to keep your patches (especially security patches) updated.

Red Hat is at Fedora Core 6.0 now, so they are at least 6 major releases beyond 9.0.

I'm not saying that upgrading will eliminate your issues, but having software that gets updated when there are issues does help to reduce the amount of spam and viruses that the rest of the Internet sees.


pansophic