> >>> ftp://raq2.s-zone.org/pub/NetBSD/RestoreCD-
> >>> COBALT-20-20050703-181453.iso.gz
> 
> Well, it went up fine, I got the -current pkgsrc and built a few  
> things, but still have a huge lag when using ssh from the WAN side.
> 
> telnet through LAN or WAN is snappy.  ssh thru LAN side is fine.
> 
> file downloads from netbsd.org go super fast (thru WAN of course).
> 
> file transfers within the LAN (sftp user@192.168.0.5) go super fast.
> 
> file transfers from the WAN side (sftp user@host.domain) go at 2kb/ 
> second (that's lower case b) or less.
> 
> I've swapped cables but that doesn't help, and if it were a bad cable  
> I'd expect slow transfers everywhere, and telnet not to work well,  
> since telnet doesn't do well with packet loss at all.
> 
> I've got UseDNS no    set.
> 
> I've turned PAM off just in case, it was performing strangely for me  
> under 1.6.1.
> 
> I'm stumped!
> 
> Could I have something set improperly for host/domain settings?  It's  
> all the same as it was when I had 1.6.1.
> 
> This is using a Netgear MR814v2 router, I've changed from my old  
> Netgear MR314 as the MR314 could not disable remote admin, people  
> were always trying to telnet into it.    throughput for everything  
> else and other CPUs in thele to hosue  is super fast; it seems unlikely to
 
> be the router or cabling to me.
> 
> I guess I can download all the 2.0.2 release stuff and try that.
> 
> I haven't tried building my own kernel, but I don't have any constant  
> messages about my SCSI card as I did in 1.6.1.
> 
> Thoughts welcome.  I would especially appreciate ideas on system  
> stats to look at, to tell me WHERE the lag is coming from.
> 
> thanks,
> 
> Brian
Hi Brian.

MR814v2 Sidenote: 
After having heard about netgears "hidden service password" in 
their firmware i removed my netgear from the lan. 
I think i remember two seriuos remote exploits (hidden service password & 
accessible config page without loggin on. firmware upgrade only changed the
password
instead of closing the hidden service access. Hmmm.).
And my MR814v2 was not able to transfer greater files (ie. db dumps) over
the WLAN.
The connection always died until i updated the firmware. so i do not trust
my
netgear anymore...

ok. 

could you run sshd and your ssh client with debug output and redirect it to
a file?
could you also make a tcpdump for the wan side with some ssh traffic to see
packets flow?

maybe with ssh debug one can see what ssh is stumbling over.

As far as i know wrong dns settings only affect the login times (client
hostname resolution).
but after being logged in the ssh session should run smoothly.

How long is the cable between the netgear and your cube?
I once had a network issue where the cable was to short (50 cm cross over).

Is the cube directly plugged into the netgears 4-port switch connectors?
Any wiring plan?

Are you able to monitor the traffic on the outer side of the netgear.
Maybe by pluggin the complete wan side onto a single hub and attach another
bsd box to it to tcpdump packets in promiscous mode.

another idea wold be to set the neatgear to "static routing" on the wan side
and just plug in
another bsd box with different network and def. gateway set to the netgear
so it acts as
a static router (then use ip's instead of names)

greetings
Andi

-- 
5 GB Mailbox, 50 FreeSMS http://www.gmx.net/de/go/promail
+++ GMX - die erste Adresse für Mail, Message, More +++