1 |
Mick wrote: |
2 |
> Thank you all for your replies, |
3 |
> |
4 |
> On Tuesday 27 November 2007, Chris Frederick wrote: |
5 |
> |
6 |
>> Dale wrote: |
7 |
>> |
8 |
> |
9 |
> |
10 |
>>> I also ran into something like this on a local network. I corrected |
11 |
>>> this by adding the remote systems to my hosts file and putting the entry |
12 |
>>> in the host file on the remote system. |
13 |
>>> |
14 |
> [ship...] |
15 |
> |
16 |
> |
17 |
>> I've had this problem as well. I've added "UseDNS no" to the |
18 |
>> sshd_config file and that had the same result. I usually only had high |
19 |
>> latency establishing the connection though. Once the connection was |
20 |
>> established and I was logged in, everything was fast again. |
21 |
>> |
22 |
> |
23 |
> The problem is not with the DNS servers. I use IP addresses to access these |
24 |
> machines and when I have tried FQDNs it makes no odds. |
25 |
> |
26 |
> |
27 |
>> I've also had connection issues while transferring files through ssh, |
28 |
>> and I got around that (somewhat) by added "-l" to the scp command. This |
29 |
>> tries to throttle the connection speed, and I can usually keep a |
30 |
>> connection going with that. I say that is somewhat fixed the issue |
31 |
>> because I also need to use ssh to port forward to an internal database |
32 |
>> and run scripts there, but there's no way that I know to do the same |
33 |
>> throttling with a port forwarding ssh command. |
34 |
>> |
35 |
> |
36 |
> The -l option is to apply a protocol specific type of QoS and limit the |
37 |
> bandwidth consumed by scp so that other critical services on the server don't |
38 |
> run dry. My problem is that I do not seem to have enough bandwidth to start |
39 |
> with. |
40 |
> |
41 |
> The ports of the servers are random numbers in the 200+ and 12000+ range and I |
42 |
> have checked that no other applications are using/listening on these ports. |
43 |
> I've not tried port 22 yet, but I'll give it a go tonight. I tend to use |
44 |
> higher random ports just to achieve some basic 'security by obscurity' from |
45 |
> script kiddies and botnets. The issue with port 22 is that the |
46 |
> world-and-his-wife will try to hack in and cause DoS to the little bandwidth |
47 |
> that seems to be available. :p Ha! I'll deal with this at the firewall. |
48 |
> |
49 |
> The datacenter servers are listening on port 22. This difference in |
50 |
> performance between the production and the domestic servers also made me |
51 |
> think that there may well be some traffic shaping by the ISPs at their |
52 |
> routers, but don't know if I can test this for definite somehow. |
53 |
> |
54 |
> I don't think that setting up QoS at the domestic servers is going to make any |
55 |
> difference. These machines are not stressed at all and off peak I can access |
56 |
> them fine. It is at peak times that things really go pear shape, hence it |
57 |
> should be a network congestion/traffic shaping issue. I don't know if people |
58 |
> started going mad at the pre-Christmas online shopping and things have been |
59 |
> particularly bad since last Saturday, or if it is just some ISP network |
60 |
> maintenance that made my connections impossible. |
61 |
> |
62 |
> More about my trials and tribulations on port 22 tomorrow . . . |
63 |
> |
64 |
|
65 |
Just to add to this, I was using the IP address too and it was very |
66 |
slow. This was also on a local network. After adding the lines to my |
67 |
host files, it was fast no matter whether I used the name or the IP |
68 |
address. I still don't understand why this matters tho. |
69 |
|
70 |
Just a thought. |
71 |
|
72 |
Dale |
73 |
|
74 |
:-) :-) :-) |