Eskimo North


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Slow Connections To Some Services




     If you are experiencing slow connections to ftp, ssh, or telnet to
shell here; be sure that your firewall is not blocking TCP port 113.

     If you have a router that does NAT (Network Address Translation, you
will know because your computer gets a 168.192.x.x address), then you need
to add a rule to nail up port 113 to a computer that doesn't have port 113
firewalled.  Preferably the computer you are browsing from through any
computer that refuses the connection will do.

     Even if you have no authd daemon running and listening to port 113, it
is important not to firewall it off.

     The reason is that many services here use TCP_WRAPPERS for access
control, in many cases it is compiled in.  Even if I put "ALL" in
hosts.allow, TCP_WRAPPERS STILL tries to ident the incoming connection for
logging.

     If you have port 113 firewalled, TCP_WRAPPERS will attempt to ident,
but since neither an accept or refuse (ACK or NAK) has been returned it
will sit and wait until it times out before allowing the connection to
proceed.

     If you allow that port through but have no identd running, it will get
an immediate NAK and the connection will proceed.

Eskimo North Support   | Voice Numbers - (206)812-0051 or 800-246-6874
support@eskimo.com     |   Voice help available 9am to 5pm (PST) Mon-Fri
PO Box 55816           |     (Temporarily closed Saturday and Sunday)
Seattle, WA 98155-0816 |        Fax us at - (206)812-0054