Re: inetd question

To: Kai Henningsen <kai@khms.westfalen.de>
Cc: debian-devel@lists.debian.org
Subject: Re: inetd question
From: Peter Tobias <tobias@et-inf.fho-emden.de>
Date: Tue, 17 Jun 1997 02:36:37 +0200
Message-id: <[🔎] 19970617023637.61519@zaphod>
In-reply-to: <[🔎] 6YvKQe9jcsB@khms.westfalen.de>; from Kai Henningsen on Sun, Jun 15, 1997 at 10:42:00AM +0200
References: <[🔎] c=DE%a=_%p=topsystem%l=EINSTEIN-970613081834Z-114@einstein.topsystem.de> <[🔎] c=DE%a=_%p=topsystem%l=EINSTEIN-970613081834Z-114@einstein.topsystem.de> <[🔎] 19970613125310.05450@zaphod> <[🔎] 6YvKQe9jcsB@khms.westfalen.de>

On Jun 15, Kai Henningsen wrote:
> > > I guess it's the ident service. So I try nowait.120 and see what
> > > happens.
> >
> > Of course it is the ident service (that's what the error message of
> > inetd said). But the ident service is not a service that is used
> > alone. You have an application/service which is called as often
> > as the ident service. You should have a look at this application.
> > Your problem could also be an entry in hosts.allow or hosts.deny.
> > If you use a username (xxx@...) there the tcp_wrapper will do an
> > ident/auth lookup for that service (or for all services if the ALL
> > keyword has been used).
> 
> You are somewhat confused here.

I don't think so :-).

> The identd service is called from the _other_ end of the connection (to  
> find out who sits on your end).
> 
> If you actually do have a econd service called just as often, then either  
> the ident connections are local (both ends on your machine), or else the  
> second service is some sort of forwarder (like a web proxy), so every time  
> it is called, it calls out to somewhere else, and that somewhere else then  
> does an ident query.

As far as I know Michael uses a proxy in the same lan (maybe the client
also runs on this machine). When you get some pages from the local
proxy and the proxy does an ident lookup for each connection you'll get
lots of ident lookups (getting pages from the proxy is quite fast so
you'll get lots of lookups in a very short time).

> > Using "nowait.120" is of course a solution but it is probably better
> > to find the application that is causing the problem.
> 
> It is not clear that there is a problem, other than heavy use. There may  
> be, of course, such as ident queries actually causing more ident queries,  
> but we don't know yet if something like that happens.

Getting more than 40 ident lookups a minute is not a usual situation. The
best solution is to find the reason (the sender!) of the ident requests
(if it is a local service/system the ident lookups for that service/system
should probably be turned off). Setting the limit to 120 will keep the
system running but won't reduce the (maybe unnecessary) traffic. If the
number of requests can't be reduced the identd should be run in standalone
mode.

Thanks,

Peter

-- 
Peter Tobias <tobias@et-inf.fho-emden.de> <tobias@debian.org> <tobias@linux.de>
PGP ID EFAA400D, fingerprint = 06 89 EB 2E 01 7C B4 02  04 62 89 6C 2F DD F1 3C 

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- RE: inetd question
  - From: Michael Meskes <meskes@topsystem.de>
- Re: inetd question
  - From: Peter Tobias <tobias@et-inf.fho-emden.de>
- Re: inetd question
  - From: kai@khms.westfalen.de (Kai Henningsen)

Prev by Date: RE: inetd question
Next by Date: Re: (bogus mailing list message)
Previous by thread: Re: inetd question
Next by thread: Re: inetd question
Index(es):
- Date
- Thread