Thank you all for your replies, On Tuesday 27 November 2007, Chris Frederick wrote: > Dale wrote:
> > I also ran into something like this on a local network. I corrected > > this by adding the remote systems to my hosts file and putting the entry > > in the host file on the remote system. [ship...] > I've had this problem as well. I've added "UseDNS no" to the > sshd_config file and that had the same result. I usually only had high > latency establishing the connection though. Once the connection was > established and I was logged in, everything was fast again. The problem is not with the DNS servers. I use IP addresses to access these machines and when I have tried FQDNs it makes no odds. > I've also had connection issues while transferring files through ssh, > and I got around that (somewhat) by added "-l" to the scp command. This > tries to throttle the connection speed, and I can usually keep a > connection going with that. I say that is somewhat fixed the issue > because I also need to use ssh to port forward to an internal database > and run scripts there, but there's no way that I know to do the same > throttling with a port forwarding ssh command. The -l option is to apply a protocol specific type of QoS and limit the bandwidth consumed by scp so that other critical services on the server don't run dry. My problem is that I do not seem to have enough bandwidth to start with. The ports of the servers are random numbers in the 200+ and 12000+ range and I have checked that no other applications are using/listening on these ports. I've not tried port 22 yet, but I'll give it a go tonight. I tend to use higher random ports just to achieve some basic 'security by obscurity' from script kiddies and botnets. The issue with port 22 is that the world-and-his-wife will try to hack in and cause DoS to the little bandwidth that seems to be available. :p Ha! I'll deal with this at the firewall. The datacenter servers are listening on port 22. This difference in performance between the production and the domestic servers also made me think that there may well be some traffic shaping by the ISPs at their routers, but don't know if I can test this for definite somehow. I don't think that setting up QoS at the domestic servers is going to make any difference. These machines are not stressed at all and off peak I can access them fine. It is at peak times that things really go pear shape, hence it should be a network congestion/traffic shaping issue. I don't know if people started going mad at the pre-Christmas online shopping and things have been particularly bad since last Saturday, or if it is just some ISP network maintenance that made my connections impossible. More about my trials and tribulations on port 22 tomorrow . . . -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
