VSFTPD Logon Latency issues

Recently to the company a server to do FTP services, installed is under the CentOS vsftpd, a variety of configuration after the client with FileZilla login CentOS system account, found a very strange problem, after the loss of account password login, Found on the FileZilla status list will stay in the password verification column, as follows:

---------------

Command: Pass ******************

---------------

And then stay about 5 seconds before it's normal. Log in to the account FTP host directory

Think about it, the previous use of SSH service remote login System account password Authentication is also a similar delay, the solution is to/etc/ssh/sshd_config, remove the line comment, and change yes to No, as follows:

----------------

Usedns No

----------------

Follow this line of thought to find information on the FTP login delay

More Wonderful content: http://www.bianceng.cnhttp://www.bianceng.cn/Servers/Ftp/

Find a consistent solution to the site is to/etc/resolv.conf this file DNS modified to a true and reliable local operator's DNS address, and then open the native system of this configuration file, found that the address is no problem ah, is our province Telecom's DNS resolution address.

I had a ifconfig.

Then suddenly found the problem, I set the server IP information is not out of the intranet address of the extranet.

Immediately vi/etc/sysconfig/network-scripts/ifcfg-eth0

Modified to be routed out of the network intranet address, login FTP, found that delay problem resolution.

Follow this idea to change the IP information back to the address of the unreachable outbound network

Vi/etc/resolv.conf

The inside of the DNS information empty, and then try to log on to FTP, found still 0 delay.

OK, the original DNS resolution is a problem.

So that we can actually understand that regardless of vsftpd or sshd, when password authentication is performed, the service will first look for the server where the DNS address of the native settings resides (skipped without setting), and if not, DNS will have its own TTL, when the TTL is 0, The domain name resolution normal validation is skipped.

Good memory is not as bad as writing, write some personal experience for everyone's reference only. Oh