Login Process takes longer

Hello.

Since Yesterday, I notice that after giving telnet IP or SSH IP - it takes long time to display login: , I mean earlier after entering Server name It used to immediately ask for login ID and then password. But, now it takes min of 2-3 minute to ask for password.

Where can I check, whats going wrong?

I usually use strace to have an idea of what a program is doing. Of course, if you do not have some C programming background the output may not make enough sense to you. It outputs the system calls being called. You can look at the neighbouring system calls around places where large latencies occur to give you an idea what happened at that time.

One possibility that I encounter recently is that reverse DNS of IPv4 addresses is down or simply being slow. In that case, the SSH process may need to timeout before trying another one. MySQL has similar issues as well.

How to turn off DNS resolutions - First of all what is DNS, and why is it coming in picture here on UNIX? Direct telnet from server back to itself is also slow. I mean, it shows connected to server but login: prompt comes delayed only. There are no performance issues also on applications.

Please advice.

Exactly what happens to your system only you can trace yourself. Mine was confirmed related to DNS because that occurred on a supposedly idle server over a few days and afterwards the problem went away with no change made. That is a sign that DNS may be a cause. I could confirm with strace later that way.

For OpenSSH server side, there is a UseDNS configuration option in sshd_config. Set it to "no". Not sure about Telnet.

In fact this is in the OpenSSH FAQ:
OpenSSH FAQ

Maybe try pinging the IP and check its connectiviti.

what is DNS? and How does it impact to login process? What solutions are there to follow IF the issue is caused by DNS ?

DNS - Domain Name Server

This is the mechanism that a host asks another host to resolve a name.

A good test is to...

login to the server
note the IP address of your client
type "nslookup ip-address" and see how long it takes to reply.

/etc/resolv.conf is a good place to start.

Thank you!

Here is the output:

prodipas@ssydpapp007 /data/ipas/d2/ipsmk2 $ nslookup 10.68.129.57
prodipas@ssydpapp007 /data/ipas/d2/ipsmk2 $ nslookup 10.68.129.57
*** Can't find server name for address 10.68.128.1:No response from server
*** Can't find server name for address 10.72.128.1:No response from server
*** Default servers are not available
prodipas@ssydpapp007 /data/ipas/d2/ipsmk2 $

It took 75 seconds to display first line. and then 75 seconds again to display remaining output. Earlier it used to display different output , dont remember very quickly. The IP address for server , users generally connect or I used to connect is 10.68.129.57 I am not sure what is 10.68.128.1 ? Something looks to be changed as nslookup output is differnt now.

I dont see any changes made recently in this file too:

prodipas@ssydpapp007 /etc $ more resolv.conf
nameserver 10.68.128.1
nameserver 10.72.128.1
domain au.challenger.net
prodipas@ssydpapp007 /etc $ ls -lt resolv.conf
-rw-r--r-- 1 root system 71 Apr 17 2007 resolv.conf
prodipas@ssydpapp007 /etc $

Please advice ... whats going on?

Looks like the DNS servers are down.

Try using another DNS server, such as 208.67.222.222 of OpenDNS. You can add a "nameserver" line which points to that new IP at the top of /etc/resolv.conf (before the existing lines). See if there is any difference.

OpenDNS | Providing A Safer And Faster Internet

Hmmm... What exactly do we mean by DNS Server? What command is used to bring up DNS Servers?

As porter has said, it finds the IP address associated with a domain and host name such as 'www.unix.com', when you type the URL in the location bar for instance, because the Internet uses IP address for communication rather than names.

Domain name system - Wikipedia, the free encyclopedia

You don't need to do anything with DNS servers. Most of us simply use one of the many available. If a DNS server is down, the easiest thing you can do is to tell your computers to use another one, and see if it is ok again. OpenDNS is a reliable free DNS provider, and that can provide us with a more reliable basis for isolating DNS-related issues.

I have learnt that few days back the DNS team has removed the DNS Servers. And the IP mentioned in /etc/resolv.conf does not exist anymore.

Do you think, that has caused the issue?
Which all places do you suggest to modify DNS new IP on UNIX?
After modification, does a server reboot require or any command to be supplied after modifications to have new DNS activated on each UNIX box?

Of course that matters. You should update all hosts which use those DNS server IP addresses and change them to another provider.

Change them in /etc/resolv.conf as mentioned.

No, you don't need to reboot. Usually the change is instant, but for certain services you may need to restart service (such as mysql) to make sure the change really takes effect. If you can afford to, reboot is the easiest way to have everything reinitialized.