SSH problem with Dlink DIR 655 Router Firmware version 1.21

The most recent versions of Dlink's firmware for the DIR 655 Router
(versions 1.20 and 1.21) cripple SSH. Making an SSH connection to my
systems takes approximately a minute, dropping back to the older version
of the firmware (1.11) fixes the problem (connecting takes a second). I
have two ports open, the standard port 22 to a CentOS5.2 machine and a
high port to a Fedora 9 machine, both exhibit the same problem.

Does anyone have any theories about what they might have done to cause
this behavior? Does SSH attempt to open any other ports besides the port
it's configured for?

General Schvantzkoph wrote:
> The most recent versions of Dlink's firmware for the DIR 655 Router
> (versions 1.20 and 1.21) cripple SSH. Making an SSH connection to my
> systems takes approximately a minute, dropping back to the older version
> of the firmware (1.11) fixes the problem (connecting takes a second). I
> have two ports open, the standard port 22 to a CentOS5.2 machine and a
> high port to a Fedora 9 machine, both exhibit the same problem.
>
> Does anyone have any theories about what they might have done to cause
> this behavior? Does SSH attempt to open any other ports besides the port
> it's configured for?

Perhaps it has started routing IPV6

Robert

On Wed, 17 Dec 2008 21:43:13 +0000, Robert Harris wrote:

> General Schvantzkoph wrote:
>> The most recent versions of Dlink's firmware for the DIR 655 Router
>> (versions 1.20 and 1.21) cripple SSH. Making an SSH connection to my
>> systems takes approximately a minute, dropping back to the older
>> version of the firmware (1.11) fixes the problem (connecting takes a
>> second). I have two ports open, the standard port 22 to a CentOS5.2
>> machine and a high port to a Fedora 9 machine, both exhibit the same
>> problem.
>>
>> Does anyone have any theories about what they might have done to cause
>> this behavior? Does SSH attempt to open any other ports besides the
>> port it's configured for?
>
> Perhaps it has started routing IPV6
>
> Robert

I didn't see any option for IPV6 in the menus, but it's an interesting
theory. I'll try reloading the latest firmware and enable IPV6 on my ssh
servers.

On Wed, 17 Dec 2008 21:43:13 +0000, Robert Harris wrote:

> General Schvantzkoph wrote:
>> The most recent versions of Dlink's firmware for the DIR 655 Router
>> (versions 1.20 and 1.21) cripple SSH. Making an SSH connection to my
>> systems takes approximately a minute, dropping back to the older
>> version of the firmware (1.11) fixes the problem (connecting takes a
>> second). I have two ports open, the standard port 22 to a CentOS5.2
>> machine and a high port to a Fedora 9 machine, both exhibit the same
>> problem.
>>
>> Does anyone have any theories about what they might have done to cause
>> this behavior? Does SSH attempt to open any other ports besides the
>> port it's configured for?
>
> Perhaps it has started routing IPV6
>
> Robert

I reloaded the 1.21 firmware and I enabled IPV6 on my ssh server (there
is no IPV6 option on the router that I can find). Enabling IPV6 on the
server didn't help, it still took a minute to access the ssh server.

On Dec 17, 12:10*pm, General Schvantzkoph <schvantzk...@yahoo.com>
wrote:

> The most recent versions of Dlink's firmware for the DIR 655 Router
> (versions 1.20 and 1.21) cripple SSH. Making an SSH connection to my
> systems takes approximately a minute, dropping back to the older version
> of the firmware (1.11) fixes the problem (connecting takes a second). I
> have two ports open, the standard port 22 to a CentOS5.2 machine and a
> high port to a Fedora 9 machine, both exhibit the same problem.

> Does anyone have any theories about what they might have done to cause
> this behavior? Does SSH attempt to open any other ports besides the port
> it's configured for?

Perhaps it's attempting to do reverse DNS on the IP that connects to
it and then forward DNS on the host name returned? This may be the new
default or it may be due to a new logging/filtering option (perhaps
that can be disabled).

DS

On Wed, 17 Dec 2008 16:05:53 -0800, David Schwartz wrote:

> On Dec 17, 12:10Â*pm, General Schvantzkoph <schvantzk...@yahoo.com>
> wrote:
>
>> The most recent versions of Dlink's firmware for the DIR 655 Router
>> (versions 1.20 and 1.21) cripple SSH. Making an SSH connection to my
>> systems takes approximately a minute, dropping back to the older
>> version of the firmware (1.11) fixes the problem (connecting takes a
>> second). I have two ports open, the standard port 22 to a CentOS5.2
>> machine and a high port to a Fedora 9 machine, both exhibit the same
>> problem.
>
>> Does anyone have any theories about what they might have done to cause
>> this behavior? Does SSH attempt to open any other ports besides the
>> port it's configured for?
>
> Perhaps it's attempting to do reverse DNS on the IP that connects to it
> and then forward DNS on the host name returned? This may be the new
> default or it may be due to a new logging/filtering option (perhaps that
> can be disabled).
>
> DS

I found out what it was from a forum on the Dlink site. It is a DNS
problem, the DNS Relay feature has a bug in this version of the firmware.
I disabled it and the problem disappeared.