On 07/02/13 15:50, Kapetanakis Giannis wrote:
Hi,
I'm trying to use an OB server as an icecast streaming server. I'm
also trying to use relayd
as a relay between the client and icecast server to limit access to
admin pages of icecast.
I have a problem with relayd closing connections. I believe it does
that because of the session timeout.
Here are some details:
# relayctl show sessions
session 0:4 client_IP:49387 -> 127.0.0.1:8002 RUNNING
age 00:00:38, idle 00:00:38, relay 1, pid 9275
relayd thinks it is idle although there are syn/ack packets going both
directions.
relayd debug:
relay icecastproxy, session 4 (1 active), 0, client_IP ->
127.0.0.1:8002, hard timeout
tcpdump:
15:34:48.116939 server.8000 > client.49387: P 695922:696058(136) ack
524 win 2172 <nop,nop,timestamp 2916967890 1128121967> (DF)
15:34:48.117150 server.8000 > client.49387: . 696058:697506(1448) ack
524 win 2172 <nop,nop,timestamp 2916967890 1128121967> (DF)
15:34:48.117197 server.8000 > client.49387: . 697506:698954(1448) ack
524 win 2172 <nop,nop,timestamp 2916967890 1128121967> (DF)
15:34:48.117251 client.49387 > server.8000: . ack 693026 win 83
<nop,nop,timestamp 1128122687 2916967890> (DF)
15:34:48.117275 client.49387 > server.8000: . ack 694474 win 82
<nop,nop,timestamp 1128122687 2916967890> (DF)
15:34:48.117291 client.49387 > server.8000: . ack 695922 win 80
<nop,nop,timestamp 1128122687 2916967890> (DF)
15:34:48.117307 client.49387 > server.8000: . ack 696058 win 80
<nop,nop,timestamp 1128122687 2916967890> (DF)
15:34:48.117663 client.49387 > server.8000: . ack 697506 win 83
<nop,nop,timestamp 1128122687 2916967890> (DF)
15:34:48.117691 client.49387 > server.8000: . ack 698954 win 82
<nop,nop,timestamp 1128122687 2916967890> (DF)
15:34:48.117744 server.8000 > client.49387: P 698954:700215(1261) ack
524 win 2172 <nop,nop,timestamp 2916967890 1128122687> (DF)
15:34:48.118333 client.49387 > server.8000: . ack 700215 win 83
<nop,nop,timestamp 1128122688 2916967890> (DF)
*15:34:48.168128 server.8000 > client.49387: F 700215:700215(0) ack
524 win 2172 <nop,nop,timestamp 2916967890 1128122688> (DF)*
15:34:48.168467 client.49387 > server.8000: F 524:524(0) ack 700216
win 83 <nop,nop,timestamp 1128122738 2916967890> (DF)
15:34:48.168529 server.8000 > client.49387: . ack 525 win 2172
<nop,nop,timestamp 2916967890 1128122738> (DF)
The server sends the FIN packet and closes the connection.
my relayd.conf looks like this:
relay icecastproxy {
listen on $ext_addr port $ext_port
# protocol adminfilter # limit access to admin pages
forward to $icecast_host port $icecast_port
session timeout 10 # seconds
}
pf is simple:
anchor "relayd/*" all
pass in quick all flags S/SA
pass out all flags S/SA
If I increase the session timeout to a BIG value then I have no
problem. However I don't think this is the right approach.
Shouldn't relayd treat the connection as NOT idle thus not close it?
regards,
Giannis
I've managed to reproduce this with ssh and the example from relayd.conf
protocol sshtcp {
tcp nodelay
}
relay sshgw {
listen on $ext_addr port 2222
protocol sshtcp
session timeout 10 # seconds
forward to $sshhost1 port 22
}
If I type on terminal (press enter all the time) the connection stays
open. Nevertheless
relayctl show sessions
shows idle==age no mater if I type or not.
The connection is closed if I don't type anything in the terminal for 10
seconds.
Even if the remote server sends me data (watch -n 1 date) the connection
still closes. This takes more than 10 seconds...
ssh root@relay -p 2222
# ksh
# while [[ 1 ]] ; do ; date ; sleep 1; done
Fri Feb 8 14:22:12 EET 2013
Fri Feb 8 14:22:13 EET 2013
...
Fri Feb 8 14:22:39 EET 2013
Fri Feb 8 14:22:40 EET 2013
Connection to relay closed by remote host.
Giannis
ps. Sometimes the connection is closed even if I type on the terminal:
[sshhost1~]# date
Fri Feb 8 14:26:39 EET 2013
[sshhost1~]# date
Fri Feb 8 14:26:40 EET 2013
...
[sshhost1~]# date
Fri Feb 8 14:27:38 EET 2013
[sshhost1~]# date
Fri Feb 8 14:27:39 EET 2013
[sshhost1~]# Connection to relay closed by remote host.
Connection to rs closed.
[client ~] > date
Fri Feb 8 14:27:43 EET 2013
clocks are synced
