[c-nsp] Strange SSH lag with ACL applied
Mikael Abrahamsson
swmike at swm.pp.se
Thu Jan 7 01:35:40 EST 2010
On Thu, 7 Jan 2010, Andy Saykao wrote:
> What I'm finding is that when I apply the ACL (VLAN2-FILTER-OUT ) to
> VLAN2, it takes a very long time for the SSH login promtp to appear. If
> I remove the ACL on VLAN2, the SSH prompt is instantaneous. What's going
> on with my ACL??? Why the lag for the SSH prompt to appear?
The server is most likely doing an ident lookup, if you want to speed this
up, make sure you don't silent-drop packets to 113/TCP to avoid this.
--
Mikael Abrahamsson email: swmike at swm.pp.se
More information about the cisco-nsp
mailing list