There is also no iptables installed, so firewall is out of the equation.
There should be no DNS involved because every host it talks to in the
process is in the /etc/hosts file, and the /etc/host.conf is 'order
hosts,bind'. My /etc/nsswitch.conf has files then dns listed as the args
after hosts... Technically, this should disable any lookups outside of
resolving in the hosts file for everything in the hosts file. We all know
that isn't always the case, which is why I'm asking here on the list. TCP
wrappers should be minimal, considering I just opened up a ALL:ALL in
hosts.allow to eliminate that possibility.
-Tim
----- Original Message -----
From: "Les Mikesell" <lesmikesell@xxxxxxxxx>
Yes IDENT is normally fast if it either completes or isn't running
and you get an ICMP rejection. The thing that might have made
it slow would be if you had a firewall dropping the packets
so you'd get a timeout instead. Another thing that happens
during a connection is a reverse DNS lookup to log the
connecting host name and perhaps a check against hosts.allow
and hosts.deny. How fast does your DNS respond?
--
Les Mikesell
