slow request time on ISPConfig server

Discussion in 'Installation/Configuration' started by torusturtle, Aug 14, 2007.

  1. torusturtle

    torusturtle ISPConfig Developer ISPConfig Developer


    I'm using ISPConfig on a Xen virtual server. I installed it on Ubuntu 6.06 LTS with the perfect setup instructions.

    Unfortunatelly is the initial response time very slow.
    For example when loggin in with ssh it takes several seconds until user and password prompt is displayed.

    Other virtual servers on the same main server responde instantly.

    The some problem occurs with http, ftp or pop requests. I'm getting "waiting for the server" for several seconds. As soon as the connection is established the page/file/mail is loaded very fast.

    Here are some outputs from my server:

    netstat -tap (this one takes very long and i aborded it at the end)
    Many thanks for your help!
  2. chuckl

    chuckl New Member

    Slow netstat response is often DNS related, and offhand, I'd say you've got enough 'named' daemons running there for a root name server.
  3. edge

    edge Active Member Moderator

  4. torusturtle

    torusturtle ISPConfig Developer ISPConfig Developer

    I can't follow you.
    Why is the login with ssh slow as well?
    It has nothing to do with DNS as I'm using the IP and not domain name, hasn't it?

    I use an external DNS service. Named service is only installed because ISPConfig wouldn't install if it wasn't.

    The DNS record is the following:

    I tried that. Unfortunately it didn't help. :-(
  5. chuckl

    chuckl New Member

    You're right, my post was not the soul of clarity, brevity is not always a good idea.
    Try again. Netstat running very slowly is often a sign of slow DNS resolution - just an observation, not necessarily a root cause.
    SSH by default does reverse DNS on the client that is connecting, which could easily cause the delay you are describing. Might be able to cut it down by adding an entry for the client compuer in the server hosts file, and checking that hosts.conf has an order hosts,bind entry.
    I'd also check resolv.conf for the order in which the nameservers are listed, as they are queried in the order given. i.e. it is no use having fast resolution locally, if you are querying a remote nameserver.
    Running on a VM, the networking setup - bridged, NAT, shared etc could also have an effect, as could network connection speed - 10, 100 etc. I'm assuming in all of this that your client computer is on the local LAN? Even with that, I have a noticeable difference in connection setup between a client on a 10baseT port, and one on a 100 port.
    I have also seen comments that recommend that if you have multiple IP's on a single interface, connections to the 'base' i.e. etho:0 IP are quicker, but I've never attempted to verify it.
    In your output above, a number of connections were in a TIME WAIT state, which can also clog up connection resolution.
    You could simply be being slowed up by the mem swap system. Is the server busy, or idling most of the time?
    The comment about the named daemons was simply that you have named listening on every IP on the box, all on the same subnet. Is the name server actually doing anything?
    Final thought, is this a command line SSH connection or a GUI browse connection. I have noticed that doing a 'connect to server' from an Ubuntu desktop box to a server running in a VM can take an amazing length of time to set everything up, and ask for a password.
    Hope some of that helps.

  6. torusturtle

    torusturtle ISPConfig Developer ISPConfig Developer

    much faster now!

    chuckl you're my hero!

    Because I set up the server at home before I brought it to the ISP I still had my home router as top entry in /etc/resolv.conf.
    Deleted it and the Server is much faster know!

    FTP connection is still slow though.
  7. chuckl

    chuckl New Member

    Glad that something worked for you!. You didn't necessarily have to delete it, just move it down the list. Sort of 'name server of last resort'.
    I forgot to mention that it's a good idea to have a hosts file entry for the server on your client machine (if you don't already have one), can save a DNS lookup as well.
    On the ftp side, we had a brief look at that a while back, proftpd was agonisingly slow to connect. There was some tentative thought that it was due to it trying to connect via IPv6 before switching to IP4.
    Don't remember how we resolved it, if at all, so maybe the problem just went away.
    Someone else here may have a better suggestion.
  8. torusturtle

    torusturtle ISPConfig Developer ISPConfig Developer

    how can this be achieved?
  9. chuckl

    chuckl New Member

    If the client machine is a Linux box then in /etc/hosts or a Windows machine \Windows\system32\drivers\etc\hosts add a line with the IP address and name of the server e.g.

    thats it. Of course, if you are connecting using the IP address, then no change.
  10. torusturtle

    torusturtle ISPConfig Developer ISPConfig Developer

    I found out the the slowest sites have several avatars with external links. So the server has to resolve all those links.

    I guess that can't be saved in /etc/hosts?

    Any ideas how to speed up those lookups?
  11. chuckl

    chuckl New Member

    You can put any ip address/host combination you want in the hosts file. If those external sites have fixed IP addresses then simply add their IP address and FQDN (full hostname/sitename) to the hosts file.
    Obviously, you don't want a 10000 line hostfile, or it will take longer than a DNS lookup.
    The getting of the avatars could easily take longer than a DNS lookup however, and if they are accessed frequently, they should be cached on your local DNS server.
    Can you not store them locally, or consider caching them on your server?
  12. torusturtle

    torusturtle ISPConfig Developer ISPConfig Developer

    Do you mean by caching saving in /etc/hosts or is there an other way?
    I tried to install dnsmasq as it has DNS caching but it doesn't work with bind and I can't find out how to cache with bind9.

    I have eAccelerator installed. But that doesn't seam to help as loading the page takes around 4 seconds.
    Last edited: Aug 16, 2007
  13. chuckl

    chuckl New Member

    Bind is a caching name server by design, you don't have to do anything, that is what it does, it caches DNS data locally on the server.
    If you are fetching a lot of data from external sites, you have no control over the speed of that operation, so consider some form of external link/entity caching. I've never used anything like that, so I have no idea where to look. eAccellerator may well do it, I don't know.

    If you are concerned about load times, go here:

    enter youw site url and check what the analyser says.

Share This Page