Re: ssh tunnel delay
On Tue, Sep 10, 2013 at 02:28:37PM +0200, Juan Sierra Pons wrote: > 2013/9/10 Sean Alexandre > > > > On Tue, Sep 10, 2013 at 01:11:17PM +0200, Juan Sierra Pons wrote: > > > Hi, > > > > > > I don't see anything strange in the logs provided. Do you see anything > > > strange in your dmesg, /var/log/daemon.log, etc? > > > > > > Is the DNS on the server's side working properly? Sometimes when the > > > reverse DNS is not properly configure some TCP based services get some > > > delay on first connection: ssh, mysql, etc > > > > > > Can a network issue be discarded. Please check with mtr: mtr remote > > > server > > > > > > Not a solution but a very tiny improvement , launch the tunnel with the -C > > > (compression) parameter. > > > > Thanks for looking at this. The other things you list look fine. I did > > notice > > something else with the log, though. Below I type the line "hello". Then > > there's the 80 second delay. And then there's the log messages after the > > "hello": > > > > debug1: Entering interactive session. > > client> nc localhost 1110 > > hello > > debug1: Connection to port 1110 forwarding to localhost port 1212 requested. > > debug2: fd 6 setting TCP_NODELAY > > debug2: fd 6 setting O_NONBLOCK > > debug3: fd 6 is O_NONBLOCK > > debug1: channel 2: new [direct-tcpip] > > debug2: channel 2: open confirm rwindow 2097152 rmax 32768 > > > > I think the delay no longer happens, with subsequent lines, because > > TCP_NODELAY and O_NONBLOCK get set. I wonder if there's a way to configure > > things to set those from the start? > > > Hi, > > I have found a kind of workaround: > http://www.gossamer-threads.com/lists/openssh/bugs/56042 > If the ssh client is invoked with: > ssh -N host -R port # TCP_NODELAY is not set > ssh -n host -R port sleep 1d # TCP_NODELAY is set - this is a workaround > > Can you try to launch the tunnel without the -N parameter (maybe you > can send later the tunnel to background) I get the same thing, unfortunately, with this: ssh -o IPQoS="lowdelay lowdelay" -o ExitOnForwardFailure=yes -f -L1110:localhost:1212 skoki3 sleep 1d I've also added this line to /etc/ssh/sshd_config on the server, and restarted ssh there: IPQoS lowdelay lowdelay This bug report makes it sound like the bug's been fixed on Debian 7.0, but maybe not: Debian Bug report logs - #643312 openssh-client: IPQoS option ignored for AF_INET since 5.9p1-1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643312 I've got version 1:6.0p1-4 of openssh-client. The bug report says the problems fixed there, but maybe not. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130910130754.GA14913@tuzo
Re: ssh tunnel delay
-- Juan Sierra Pons j...@elsotanillo.net Linux User Registered: #257202 http://www.elsotanillo.net GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- 2013/9/10 Sean Alexandre > > On Tue, Sep 10, 2013 at 01:11:17PM +0200, Juan Sierra Pons wrote: > > Hi, > > > > I don't see anything strange in the logs provided. Do you see anything > > strange in your dmesg, /var/log/daemon.log, etc? > > > > Is the DNS on the server's side working properly? Sometimes when the > > reverse DNS is not properly configure some TCP based services get some > > delay on first connection: ssh, mysql, etc > > > > Can a network issue be discarded. Please check with mtr: mtr remote server > > > > Not a solution but a very tiny improvement , launch the tunnel with the -C > > (compression) parameter. > > Thanks for looking at this. The other things you list look fine. I did notice > something else with the log, though. Below I type the line "hello". Then > there's the 80 second delay. And then there's the log messages after the > "hello": > > debug1: Entering interactive session. > client> nc localhost 1110 > hello > debug1: Connection to port 1110 forwarding to localhost port 1212 requested. > debug2: fd 6 setting TCP_NODELAY > debug2: fd 6 setting O_NONBLOCK > debug3: fd 6 is O_NONBLOCK > debug1: channel 2: new [direct-tcpip] > debug2: channel 2: open confirm rwindow 2097152 rmax 32768 > > I think the delay no longer happens, with subsequent lines, because > TCP_NODELAY and O_NONBLOCK get set. I wonder if there's a way to configure > things to set those from the start? > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org > Archive: http://lists.debian.org/20130910120513.GA14348@tuzo > Hi, I have found a kind of workaround: http://www.gossamer-threads.com/lists/openssh/bugs/56042 If the ssh client is invoked with: ssh -N host -R port # TCP_NODELAY is not set ssh -n host -R port sleep 1d # TCP_NODELAY is set - this is a workaround Can you try to launch the tunnel without the -N parameter (maybe you can send later the tunnel to background) Regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CABS=y9v7VnDndH1zPVqX2wfD=trfvbta5f-9gb6gnzopro6...@mail.gmail.com
Re: ssh tunnel delay
On Tue, Sep 10, 2013 at 01:11:17PM +0200, Juan Sierra Pons wrote: > Hi, > > I don't see anything strange in the logs provided. Do you see anything > strange in your dmesg, /var/log/daemon.log, etc? > > Is the DNS on the server's side working properly? Sometimes when the > reverse DNS is not properly configure some TCP based services get some > delay on first connection: ssh, mysql, etc > > Can a network issue be discarded. Please check with mtr: mtr remote server > > Not a solution but a very tiny improvement , launch the tunnel with the -C > (compression) parameter. Thanks for looking at this. The other things you list look fine. I did notice something else with the log, though. Below I type the line "hello". Then there's the 80 second delay. And then there's the log messages after the "hello": debug1: Entering interactive session. client> nc localhost 1110 hello debug1: Connection to port 1110 forwarding to localhost port 1212 requested. debug2: fd 6 setting TCP_NODELAY debug2: fd 6 setting O_NONBLOCK debug3: fd 6 is O_NONBLOCK debug1: channel 2: new [direct-tcpip] debug2: channel 2: open confirm rwindow 2097152 rmax 32768 I think the delay no longer happens, with subsequent lines, because TCP_NODELAY and O_NONBLOCK get set. I wonder if there's a way to configure things to set those from the start? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130910120513.GA14348@tuzo
Re: ssh tunnel delay
Hi, I don't see anything strange in the logs provided. Do you see anything strange in your dmesg, /var/log/daemon.log, etc? Is the DNS on the server's side working properly? Sometimes when the reverse DNS is not properly configure some TCP based services get some delay on first connection: ssh, mysql, etc Can a network issue be discarded. Please check with mtr: mtr remote server Not a solution but a very tiny improvement , launch the tunnel with the -C (compression) parameter. Best Regards -- Juan Sierra Pons j...@elsotanillo.net Linux User Registered: #257202 http://www.elsotanillo.net GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- 2013/9/10 Sean Alexandre > On Tue, Sep 10, 2013 at 12:25:59PM +0200, Juan Sierra Pons wrote: > > Can you launch the tunnel in verbose (-vvv) mode and send the logs? > > ssh -vvv -o ExitOnForwardFailure=yes -fN -L1110:localhost:1212 server > > Here's what I'm seeing with -vvv: > http://paste.debian.net/37873/ > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: http://lists.debian.org/20130910104403.GA13329@tuzo > >
Re: ssh tunnel delay
On Tue, Sep 10, 2013 at 12:25:59PM +0200, Juan Sierra Pons wrote: > Can you launch the tunnel in verbose (-vvv) mode and send the logs? > ssh -vvv -o ExitOnForwardFailure=yes -fN -L1110:localhost:1212 server Here's what I'm seeing with -vvv: http://paste.debian.net/37873/ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130910104403.GA13329@tuzo
Re: ssh tunnel delay
Hi, Can you launch the tunnel in verbose (-vvv) mode and send the logs? ssh -vvv -o ExitOnForwardFailure=yes -fN -L1110:localhost:1212 server Thank you Regards -- Juan Sierra Pons j...@elsotanillo.net Linux User Registered: #257202 http://www.elsotanillo.net GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -- 2013/9/10 Sean Alexandre > I'm seeing a delay when I attempt a connection through an ssh tunnel. The > connection's fast without the tunnel, but has an inital 80 second delay > with > it. > > Here's the case that works, without the tunnel. I see lines I type echoed > immediately: > > server> nc -l -p 1212 > client> nc server 1212 > > But if instead I do this, the first line isn't seen for about 80 seconds. > After that, > everything's fine and lines appear immediately: > > server> nc -l -p 1212 > client> ssh -o ExitOnForwardFailure=yes -fN -L1110:localhost:1212 server > client> nc localhost 1110 > > I can ssh to the server fine, with no delay. Any ideas why the tunnel has > the delay? > > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: http://lists.debian.org/20130910101005.GA13051@tuzo > >
ssh tunnel delay
I'm seeing a delay when I attempt a connection through an ssh tunnel. The connection's fast without the tunnel, but has an inital 80 second delay with it. Here's the case that works, without the tunnel. I see lines I type echoed immediately: server> nc -l -p 1212 client> nc server 1212 But if instead I do this, the first line isn't seen for about 80 seconds. After that, everything's fine and lines appear immediately: server> nc -l -p 1212 client> ssh -o ExitOnForwardFailure=yes -fN -L1110:localhost:1212 server client> nc localhost 1110 I can ssh to the server fine, with no delay. Any ideas why the tunnel has the delay? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130910101005.GA13051@tuzo
