|
On Fri, 20 Oct 2000, Stephen Rowles wrote:
> At 06:39 20/10/2000 -0400, you wrote:
> >On Fri, 20 Oct 2000 thomas.hoelsken@xxxxxx wrote:
> >
> > > The FTP-service is working, but the firtst connect takes nearly a minute.
> >
> >are you running ftpd under tcp wrappers? your inetd.conf will be something
> >like
> >
> >ftp stream tcp nowait root /usr/sbin/tcpd wu.ftpd
> >
> >if so, you are having troubles with identd (lookup the HOWTO).
> >change the line to
> >
> >ftp stream tcp nowait root /usr/sbin/wu.ftpd wu.ftpd
>
> Alternatively you can tweak your hosts.allow, and you hosts file to allow
> access.
hadn't thought of that.
Presumably if you're going to allow everyone in the world to ftp in, then
you'll have a permissive hosts.allow file
> make sure that the relevant machines in the cluster have local IP entries
> in you /etc/hosts file, and are allowed in /etc/hosts.allow
>
> The problem that I had was the inability to resolve host names for machines
> within a NAT cluster because of their local only IP address. The minute
> timeout is a "typical" name lookup timeout.
in the HOWTO, lookup
14.10.2
Running indexing programs (eg htdig) on the LVS
> I don't know if this is entirely relevant.... I lost the previous setup
> description e-mails. But I do know that disabling tcp wrappers is not
> necessarily the right solution as it will disable logging and allowed IP
> security checks.
with VS-DR you've thrown this away already, as identd doesn't work
anymore. All you can do is stop identd from holding up the login until it
times out.
see identd in the HOWTO
> I have a NAT cluster running FTP and telnet and ssh, all
> tcp wrappered with no access delays / problems.
identd will work find with VS-NAT if it's a NAT'ed service
(ie you've NAT'ed all ports, or identd spefically)
Joe
--
Joseph Mack mack@xxxxxxxxxxx
|
