x11vnc slow internet initial-connection performance – identd timeout



So, I had the script all ready, I’ve got my x11vnc custom compiled to be as widely compatible as possible, I’ve tested thoroughly on the internal network. The next step was to test my x11vnc “one cut and paste” script over the internet. So, I visited my parents pc which dual-boots Windows XP and Mandrake 10.0…. I did the cut and paste into the “run command…” menu and waited and waited and waited. dropped to a console and started again, but checked that x11vnc was already running. I didn’t know what could be taking so long. I tried again and the FIRST connection gave the prompt.


So, after verifying I had the connection, I closed it and tried again, this time I timed the connection. It took 3 minutes from clicking run to the prompt popup. On investigation, the problem was as follows….

my firewall was dropping identd packets (port 113). After setting the firewall just to reject identd packet and the initial connect dropped from 3 minutes to about 6 seconds. So, essentially x11vnc was trying to connect to the identd port on the “listener” machine (mine) and I had to make an adjustment to just tell it the port was closed (rather than the “stealth” mode of dropping packets.)

Anyway, on reading, I found that this is a known slowdown for a number of protocols (outgoing as well). It seems that some servers on receiving a connection try to connect back to the identd of the client. (IRC is known for this apparently.)

Anyway, after connection I found the performance (both with identd timing out and rejecting packets) to be reasonable (the vnc desktop session). Quite workable even, so it seemed as though the identd only slowed down the initial connect. I would recommend anyone else setting this up to reject identd packets instead of dropping them at the firewall. Of course, this wouldn’t be something the “end-user” of the “single cut and paste” download would need to worry with, but the person doing the remote supportdesk. (It’s worth thinking about in a lan if your machine has a firewall on by default and you’re doing support desk services there as well.)

   Send article as PDF   

Similar Posts