Mick wrote: > Thank you all for your replies, > > On Tuesday 27 November 2007, Chris Frederick wrote: > >> Dale wrote: >> > > >>> I also ran into something like this on a local network. I corrected >>> this by adding the remote systems to my hosts file and putting the entry >>> in the host file on the remote system. >>> > [ship...] > > >> I've had this problem as well. I've added "UseDNS no" to the >> sshd_config file and that had the same result. I usually only had high >> latency establishing the connection though. Once the connection was >> established and I was logged in, everything was fast again. >> > > The problem is not with the DNS servers. I use IP addresses to access these > machines and when I have tried FQDNs it makes no odds. > > >> I've also had connection issues while transferring files through ssh, >> and I got around that (somewhat) by added "-l" to the scp command. This >> tries to throttle the connection speed, and I can usually keep a >> connection going with that. I say that is somewhat fixed the issue >> because I also need to use ssh to port forward to an internal database >> and run scripts there, but there's no way that I know to do the same >> throttling with a port forwarding ssh command. >> > > The -l option is to apply a protocol specific type of QoS and limit the > bandwidth consumed by scp so that other critical services on the server don't > run dry. My problem is that I do not seem to have enough bandwidth to start > with. > > The ports of the servers are random numbers in the 200+ and 12000+ range and > I > have checked that no other applications are using/listening on these ports. > I've not tried port 22 yet, but I'll give it a go tonight. I tend to use > higher random ports just to achieve some basic 'security by obscurity' from > script kiddies and botnets. The issue with port 22 is that the > world-and-his-wife will try to hack in and cause DoS to the little bandwidth > that seems to be available. :p Ha! I'll deal with this at the firewall. > > The datacenter servers are listening on port 22. This difference in > performance between the production and the domestic servers also made me > think that there may well be some traffic shaping by the ISPs at their > routers, but don't know if I can test this for definite somehow. > > I don't think that setting up QoS at the domestic servers is going to make > any > difference. These machines are not stressed at all and off peak I can access > them fine. It is at peak times that things really go pear shape, hence it > should be a network congestion/traffic shaping issue. I don't know if people > started going mad at the pre-Christmas online shopping and things have been > particularly bad since last Saturday, or if it is just some ISP network > maintenance that made my connections impossible. > > More about my trials and tribulations on port 22 tomorrow . . . >
Just to add to this, I was using the IP address too and it was very slow. This was also on a local network. After adding the lines to my host files, it was fast no matter whether I used the name or the IP address. I still don't understand why this matters tho. Just a thought. Dale :-) :-) :-)
