slow ssh response on extreme switch


Userlevel 1
Hello,

I takes between 5 to 10 seconds until the SSH Login window appear, if I connect by SSH to the switch. I have the version 21.1.3.7 on the switches X440G2-48p-10G4 running. Do you have any idea, whats the reason for this?

Thanks, Yves

9 replies

Userlevel 5
Hi,
my first guess would be: is your switch in DNS and can the IP be reverse-resolved by your workstation?

Frank
Hello Yves,

Does it happen will all terminals (putty, secureCRT, etc...) ?

There was a SSH bug in the previous version (21.1.1 and 21.1.2) but it should be corrected in your version.

Regards,
Nicolas
Userlevel 6
I like both replies. Check DNS, and does it happen on all terminals. Are you saving the SSH Public key when connecting, or do you choose to download it each time?
I have the same problem with all EXOS switches running 22.2.1.5. I had several open at GTAC cases, but they were never corrected or fixed. After the initial slow login, SSH response normally when running commands. I can post the verbose output from my SSH client later.
Userlevel 1
Thanks for your replies. I checked DNS. But it's much faster by telnet, so in this case this seems to be a SSH problem, and not a DNS. And yes, I saved the key.
Userlevel 5
Yves Haslimann wrote:

Thanks for your replies. I checked DNS. But it's much faster by telnet, so in this case this seems to be a SSH problem, and not a DNS. And yes, I saved the key.

So your DNS is configured to reverse-resolve the IP address of the switch? You can check that in Unix/Linux via "dig -x ip.address" or in Windows with "nslookup ip.address" (and look at the last two lines, "Name" and "Address")

It's not really a DNS problem, it's that SSH has a problem if the reverse resolution fails.
Userlevel 1
Yves Haslimann wrote:

Thanks for your replies. I checked DNS. But it's much faster by telnet, so in this case this seems to be a SSH problem, and not a DNS. And yes, I saved the key.

No, I connect by the IP address to the switch. So the switch doesn't send any DNS requests.
Userlevel 5
Yves Haslimann wrote:

Thanks for your replies. I checked DNS. But it's much faster by telnet, so in this case this seems to be a SSH problem, and not a DNS. And yes, I saved the key.

Sorry that I was unclear: It's the workstation that you connect from that wants to be able to reverse-resolve the IP address of the switch.
Userlevel 1
Yves Haslimann wrote:

Thanks for your replies. I checked DNS. But it's much faster by telnet, so in this case this seems to be a SSH problem, and not a DNS. And yes, I saved the key.

I guess it was a DNS problem. I've configured the DNS AND the suffix, and it's good now. Thanks for your help. Besr regards.

Reply