Slow ftp-telnet connect, but NOT a dns problem

Slow ftp-telnet connect, but NOT a dns problem

Post by Ruediger Frie » Fri, 02 Oct 1998 04:00:00



hello, who knows what changed from 1995 to the last
netkit versions ?
Problem: telnet and ftp connect with kernel versions 2.xxx
over a firewall.
There is a delay about 8 seconds until the login prompt.
The host tries to send two pakets which are blocked by the firewall.
I can only say, that old linux version (from 1995 - kernel around 1.1xx)
dont do it.
This is tcpdump of the two pakets, which get rejected by the firewall:
15:40:01.500000 0:40:5:38:cb:cd 0:40:5:34:b5:35 0800 60:
195.88.189.125.23 > 195.88.189.136.4664: . ack 31 win 16338 (DF) (ttl
63, id 997)
this are the two pakets
---------
15:40:04.430000 0:80:ad:83:51:5a 0:40:5:33:3c:e3 0800 60:
195.88.189.125.1173 > 195.88.189.136.113: S 3232699201:3232699201(0) win
16060 <mss 1460> (ttl 6
3, id 998)
15:40:10.430000 0:80:ad:83:51:5a 0:40:5:33:3c:e3 0800 60:
195.88.189.125.1173 > 195.88.189.136.113: S 3232699201:3232699201(0) win
16060 <mss 1460> (ttl 6
3, id 999)
-----------
15:40:11.480000 0:40:5:38:cb:cd 0:40:5:34:b5:35 0800 60:
195.88.189.125.23 > 195.88.189.136.4664: P 1:4(3) ack 31 win 16338 (DF)
(ttl 63, id 1000)
----------
the firewall rejects any packets from outside without ack set.
Old linux versions dont send these two pakets. I tried to look into
telnetd
and the telnetlib but did not find the meaning of this pakets.

Has anyone an idea why the host generates such pakets ?

kind regards
--
+------------------------+---------------------------+

+------------------------+---------------------------+
| RDE Network Systems    | phone: +49 611 95031-0    |
| ISP + PoP Wiesbaden    | fax:   +49 611 95031-555  |
| Kirchbornstrasse 2     | www1:  http://www.ipw.net |
| D-65191 Wiesb./Germany | www2:  http://www.rde.net |
+------------------------+---------------------------+