# Why ftpd connected so slow, about 30 second



## muxuefeng (Jul 14, 2020)

I edit /etc/rc.conf to `ftpd_enable="YES"`, it's ok from localhost, but I use filezilliaFtp from other computer, it take about 30 seconds until the directory show, anybody can help me, thank you very much


----------



## SirDice (Jul 14, 2020)

Firewall?  Active or passive FTP?


----------



## olli@ (Jul 14, 2020)

That sounds like a DNS timeout.  That is, ftpd(8) is trying to look up the DNS name for the incoming FTP connection, but for some reason it doesn't work and times out after 30 seconds. That's just a guess, but the symptom is really typical for such a situation. You can confirm it by looking for the DNS packets with tcpdump(1).

However, I'm not sure how to solve the problem. I don't think ftpd(8) has a switch for disabling DNS lookups. A workaround might be to reject that particular DNS request in your firewall or packet filter, so it returns an error right away, without having to wait for the timeout. This is all assuming that your DNS is set up correctly in general, of course. In case you're running your own name server, you might be able to handle the situation there.

Of course, it's entirely possible that the problem is caused by something else.


----------



## SirDice (Jul 14, 2020)

olli@ said:


> A workaround might be to reject that particular DNS request in your firewall or packet filter, so it returns an error right away, without having to wait for the timeout.


Or just  add the client's address and hostname to /etc/hosts.


----------



## muxuefeng (Jul 15, 2020)

SirDice said:


> Or just  add the client's address and hostname to /etc/hosts.


I have add my client ip address to hosts, but it doesn't work.


----------



## olli@ (Jul 15, 2020)

muxuefeng said:


> I have add my client ip address to hosts, but it doesn't work.


You need to add the connecting machine’s IP address (not your own), because that’s the address that ftpd(8) is trying to resolve.
That only works if the IP address is always the same, of course. To find out the IP address, while the connection is established, use the command `netstat -Sp tcp` and look for lines containing an “ftp” port. The remote host's IP address (plus its port, which need not be ftp) can be found in the “Foreign Address” column.

By the way, the easiest way to test the lookup of an IP address on the command line is `getent hosts <IP_address>`, for example `getent hosts 1.2.3.4`. Technically it does the same thing as other programs like ftpd(8), so it’s useful for testing. *Do not* use specialized DNS tools for that purpose, like `nslookup`, `dig` or `host`, because they ignore /etc/hosts.


----------

