Why ftpd connected so slow, about 30 second

[muxuefeng]

I edit /etc/rc.conf to ftpd_enable="YES", it's ok from localhost, but I use filezilliaFtp from other computer, it take about 30 seconds until the directory show, anybody can help me, thank you very much

 

[SirDice]

Firewall? Active or passive FTP?

 

[olli@]

That sounds like a DNS timeout. That is, ftpd(8) is trying to look up the DNS name for the incoming FTP connection, but for some reason it doesn't work and times out after 30 seconds. That's just a guess, but the symptom is really typical for such a situation. You can confirm it by looking for the DNS packets with tcpdump(1).

However, I'm not sure how to solve the problem. I don't think ftpd(8) has a switch for disabling DNS lookups. A workaround might be to reject that particular DNS request in your firewall or packet filter, so it returns an error right away, without having to wait for the timeout. This is all assuming that your DNS is set up correctly in general, of course. In case you're running your own name server, you might be able to handle the situation there.

Of course, it's entirely possible that the problem is caused by something else.

 

[SirDice]

A workaround might be to reject that particular DNS request in your firewall or packet filter, so it returns an error right away, without having to wait for the timeout.

Or just add the client's address and hostname to /etc/hosts.

 

[muxuefeng]

Or just add the client's address and hostname to /etc/hosts.

I have add my client ip address to hosts, but it doesn't work.

 

[olli@]

I have add my client ip address to hosts, but it doesn't work.

You need to add the connecting machine’s IP address (not your own), because that’s the address that ftpd(8) is trying to resolve.
That only works if the IP address is always the same, of course. To find out the IP address, while the connection is established, use the command netstat -Sp tcp and look for lines containing an “ftp” port. The remote host's IP address (plus its port, which need not be ftp) can be found in the “Foreign Address” column.

By the way, the easiest way to test the lookup of an IP address on the command line is getent hosts <IP_address>, for example getent hosts 1.2.3.4. Technically it does the same thing as other programs like ftpd(8), so it’s useful for testing. Do not use specialized DNS tools for that purpose, like nslookup, dig or host, because they ignore /etc/hosts.