vsftpd is set up to be invoked by xinetd.  The settings in /etc/xinetd.d/vsftpd are such that xinetd will attempt to do RFC 1413 (identd) enquiry against the connecting host before passing the connection over to vsftpd.  In some situations this is responsible for a hefty delay in establishing the connection and the ftp attempt appears to initially hang).

Specifically this behaviour is a result of 'USERID' in the following lines of /etc/xinetd.d/vsftpd:

       log_on_success  += DURATION USERID
       log_on_failure  += USERID
 
Removing 'USERID' on these lines solves the problem.


Reproducible: Sometimes
Steps to Reproduce:
1. telnet to port 21 on a host running vsftpd in the stock gentoo deployment (i.e., try to connect by ftp).
Actual Results:  
If the connect is coming from a stealthy host, e.g. a computer behind some kind of NAT device which 
doesn't respond to pings etc., there will be a lengthy delay (dozens and dozens of seconds) before the 
"220 Welcome..." message is returned.

Expected Results:  
There should be no delay in vsftpd getting control of the session.  This can be ensured by removing the 
'USERID' params from the xinetd conf.

vsftpd 1.2.2 from portage.