FTP Login slow

The login process FTP thru a WRT150N to remote servers is quite slow, around 10 seconds. After that transfers go rapidly in both directions. It was suggested that I set a "Port Triggering Range" for FTP but it did not help. After I noticed that the delay seemed to be servers associated with a specific ISP, I contacted them and got this reply: The delay is due to the IDENT/AUTH request that comes from the FTP server when you connect. It is a server-dependent setting and is fairly common and applies to other services as well (i.e. SMTP, and even POP3/IMAP).. The good thing is it is usually easy to set up your router to send back a "reset" message (i.e. block the connection and send back a notice vs. silently block) when the request comes in. That will allow the IDENT/AUTH to happen quickly (almost instantaneous). I don't see anything about this in the admin page.

Mike

------------------------------------------------------------------------ View this thread:

formatting link

Reply to
eznoh
Loading thread data ...

eznoh hath wroth:

Your ISP should not be using IDENT as most router manufactuers and users consider it a security problem. It's really the ISP's problem on their ftp server or router configuration. See:

as an example. Contrary to what your ISP claims, it is NOT common to use IDENT for ftp and other services. If you sniff the incoming traffic, or look at the router logs, you might see the IDENT packets being dropped at your firewall.

If the ISP won't cooperate, then install the IDENT daemon at:

It works on W2K and XP. No clue about Vista. You'll also need to redirect port 113 to your PC (I would use port triggering for this) in the WRT150N. That should satisfy the ftp server happy.

It's also possible that IDENT is not the problem. Some ftp servers insist on running a reverse-DNS lookup on all connections. Your ISP's DNS server may not be doing that properly. Yours seems to be ok at: 62.82.88.76.in-addr.arpa PTR cpe-76-88-82-62.san.res.rr.com. but I'm not sure if you're having the problem at this particular IP address.

Out of curiousity, does your WRT150N hang or lockup?

Reply to
Jeff Liebermann

Jeff Liebermann hath wroth:

Argh, wrong. Port triggering won't work with IDENT as there is no outgoing traffic on which to initiate the triggering. You'll have to use port forwarding instead.

If you run an alternative Linux based firmware in your router, you can also setup IDENT services in the router. See: v1 only, not v2.

Reply to
Jeff Liebermann

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.