LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: [lvs-users] slow rsh login

from [Graeme Fowler] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] slow rsh login
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Fri, 19 Dec 2008 16:40:31 +0000 
On Fri, 2008-12-19 at 10:20 -0600, David Merhar wrote:
> Alright, maybe some progress.
> 
> the strace on in.rlogind (strace -pf <xinetd PID>)  shows the hangup on
> connect(0, {sa_family=AF_INET sin_port=htons(113) sin_addr(DIP)},  
> 128)       -   typed, so probably not perfect.

Make sure you REJECT rather than DROP ident lookups on the director, or
even better configure the realservers to REJECT them in the OUTPUT chain
on the outgoing interface.

If they get DROPped, then the calling process will exhibit the exact
hangup you're seeing. This is very, very common in SMTP systems using
ident lookups with badly configured firewalls.

Graeme


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [lvs-users] slow rsh login, David Merhar
Next by Date:  Re: [lvs-users] slow rsh login, David Merhar
Previous by Thread:  Re: [lvs-users] slow rsh login, David Merhar
Next by Thread:  Re: [lvs-users] slow rsh login, David Merhar
Indexes:  [Date] [Thread] [Top] [All Lists]