fedora wrote: > Andy Green wrote: >> fedora wrote: >>> Can anyone help me understand what I am doing wrong on the route del >>> command and also if it looks like I am moving in the right direction >>> to remove the latency issue? >> Latencies are very often DNS problems of some sort. Check the >> /etc/resolv.conf nameservers, and do a dig on them by hand from the >> box in question >> dig google.com @ my.first.nameserver.ip >> and see what the latencies are like. If the latencies are good, try a >> tcpdump -i eth1 port 53 -s0 -X >> and try to cause the delay, maybe you can get a clue. > Interesting - when I run tcpdump and try to connect on port 143 (IMAP > port) it shows the immediate connection to that specific port - in > other words, no latency on the server end - it appears to be on the > way back to the desktop to complete the connection that the latency > comes into play. Here's what is interesting - when I kill the tcpdump > it shows the following: > 392 packets received by filter > 299 packets dropped by kernel > I only ran this for approximately 30 seconds on our live system and > only about three or four users' computers connected during this > session. Your thoughts - anyone. Have you considered the firewall that your DMZ connects to? Specifically, do you drop, reject, or accept IDENT (TCP port 113)? -- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA
