Re: [Lxc-users] Broken pipe when ssh from host to container
Quoting Verdi March (cincaipat...@gmx.net): ... ifconfig br0 198.55.32.143 promisc up ... That all looks fine... The fact that it works fine when logging in from another machine but fails from the host itself must be relevant, but how... So your LAN is 198.55.32.X, and your containers are on 198.55.37.X... What does netstat -nr show you? -serge -- Learn Windows Azure Live! Tuesday, Dec 13, 2011 Microsoft is holding a special Learn Windows Azure training event for developers. It will provide a great way to learn Windows Azure and what it provides. You can attend the event by watching it streamed LIVE online. Learn more at http://p.sf.net/sfu/ms-windowsazure ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] Broken pipe when ssh from host to container
As additional info, the network configuration of the container is as follows: lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 lxc.network.name = eth0 lxc.network.mtu = 1500 Regards, Verdi Original-Nachricht Datum: Thu, 15 Dec 2011 07:21:06 +0100 Von: Verdi March cincaipat...@gmx.net An: lxc-users@lists.sourceforge.net Betreff: [Lxc-users] Broken pipe when ssh from host to container Hi, I setup a container on Ubuntu 10.04, using kernel 3.0 (backported from oneiric) and lxc 0.7.5. If I ssh from the host to the container, my session will be terminated in about 5 seconds with a error message Write failed: broken pipe. Ssh keep alive doesn't seem to be the issue, as I've enabled/set all relevant options. Interestingly, if I ssh from another machine rather from the host, I do not encounter this issue. Any insight on solving this problem is appreciated. ps. I'm including the debug output of ssh -vvv for your reference. = begin ssh log verdi.march@opencirrus-07308:~$ ssh -vvv root@198.55.37.111 OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 198.55.37.111 [198.55.37.111] port 22. debug1: Connection established. debug1: identity file /home/verdi.march/.ssh/identity type -1 debug1: identity file /home/verdi.march/.ssh/id_rsa type -1 debug1: identity file /home/verdi.march/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5 debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug3: Wrote 792 bytes for a total of 831 debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server-client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client-server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug3: Wrote 24 bytes for a total of 855 debug2: dh_gen_key: priv key bits set: 139/256 debug2: bits set: 537/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: Wrote 144 bytes for a total of 999 debug3
Re: [Lxc-users] Broken pipe when ssh from host to container
Quoting Verdi March (cincaipat...@gmx.net): As additional info, the network configuration of the container is as follows: lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 What does br0's config look like? Can you show us /etc/network/interfaces and output of brctl show ip link ip addr lxc.network.name = eth0 lxc.network.mtu = 1500 ... debug3: Wrote 32 bytes for a total of 2071 debug3: Wrote -1 bytes for a total of 2071 uh, well, in my professional opinion, that there is gonna be your problem /joke :) -serge -- 10 Tips for Better Server Consolidation Server virtualization is being driven by many needs. But none more important than the need to reduce IT complexity while improving strategic productivity. Learn More! http://www.accelacomm.com/jaw/sdnl/114/51507609/ ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] Broken pipe when ssh from host to container
Hi Serge, here's the requested information. Quoting Serge Hallyn serge.hal...@canonical.com: What does br0's config look like? Can you show us /etc/network/interfaces === verdi.march@opencirrus-07308:~$ cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet dhcp === FYI, the br0 was setup from the command line, hence you don't see it in the /etc/network/interfaces. Here're the commands I used to setup the bridge, based on instructions in https://www.ibm.com/developerworks/linux/library/l-lxc-containers/ brctl addbr br0 brctl setfd br0 0 ifconfig br0 198.55.32.143 promisc up brctl addif br0 eth0 ifconfig eth0 0.0.0.0 up The IP address is the same as what's allocated by DHCP to the eth0. and output of brctl show ip link ip addr verdi.march@opencirrus-07308:~$ brctl show bridge name bridge id STP enabled interfaces br0 8000.00237d9655a0 no eth0 veth5nJrod === verdi.march@opencirrus-07308:~$ ip link 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc mq master br0 state UP qlen 1000 link/ether 00:23:7d:96:55:a0 brd ff:ff:ff:ff:ff:ff 3: eth1: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:23:7d:96:55:a1 brd ff:ff:ff:ff:ff:ff 4: br0: BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP mtu 1500 qdisc noqueue state UP link/ether 00:23:7d:96:55:a0 brd ff:ff:ff:ff:ff:ff 30: veth5nJrod: BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000 link/ether a2:f8:09:be:00:ad brd ff:ff:ff:ff:ff:ff === verdi.march@opencirrus-07308:~$ ip addr 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc mq master br0 state UP qlen 1000 link/ether 00:23:7d:96:55:a0 brd ff:ff:ff:ff:ff:ff inet6 fe80::223:7dff:fe96:55a0/64 scope link valid_lft forever preferred_lft forever 3: eth1: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:23:7d:96:55:a1 brd ff:ff:ff:ff:ff:ff 4: br0: BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP mtu 1500 qdisc noqueue state UP link/ether 00:23:7d:96:55:a0 brd ff:ff:ff:ff:ff:ff inet 198.55.32.143/24 brd 198.55.32.255 scope global br0 inet6 fe80::223:7dff:fe96:55a0/64 scope link valid_lft forever preferred_lft forever 30: veth5nJrod: BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master br0 state UP qlen 1000 link/ether a2:f8:09:be:00:ad brd ff:ff:ff:ff:ff:ff inet6 fe80::a0f8:9ff:febe:ad/64 scope link valid_lft forever preferred_lft forever debug3: Wrote 32 bytes for a total of 2071 debug3: Wrote -1 bytes for a total of 2071 uh, well, in my professional opinion, that there is gonna be your problem /joke :) well, I don't mind that :) Regards, Verdi -- Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de -- Learn Windows Azure Live! Tuesday, Dec 13, 2011 Microsoft is holding a special Learn Windows Azure training event for developers. It will provide a great way to learn Windows Azure and what it provides. You can attend the event by watching it streamed LIVE online. Learn more at http://p.sf.net/sfu/ms-windowsazure ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
[Lxc-users] Broken pipe when ssh from host to container
Hi, I setup a container on Ubuntu 10.04, using kernel 3.0 (backported from oneiric) and lxc 0.7.5. If I ssh from the host to the container, my session will be terminated in about 5 seconds with a error message Write failed: broken pipe. Ssh keep alive doesn't seem to be the issue, as I've enabled/set all relevant options. Interestingly, if I ssh from another machine rather from the host, I do not encounter this issue. Any insight on solving this problem is appreciated. ps. I'm including the debug output of ssh -vvv for your reference. = begin ssh log verdi.march@opencirrus-07308:~$ ssh -vvv root@198.55.37.111 OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to 198.55.37.111 [198.55.37.111] port 22. debug1: Connection established. debug1: identity file /home/verdi.march/.ssh/identity type -1 debug1: identity file /home/verdi.march/.ssh/id_rsa type -1 debug1: identity file /home/verdi.march/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5 debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug3: Wrote 792 bytes for a total of 831 debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server-client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client-server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug3: Wrote 24 bytes for a total of 855 debug2: dh_gen_key: priv key bits set: 139/256 debug2: bits set: 537/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: Wrote 144 bytes for a total of 999 debug3: check_host_in_hostfile: filename /home/verdi.march/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host '198.55.37.111' is known and matches the RSA host key. debug1: Found key in /home/verdi.march/.ssh/known_hosts:1 debug2: bits set: 516/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: Wrote 16 bytes for a total of 1015 debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug3: Wrote 48 bytes for a total of 1063 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/verdi.march/.ssh/identity ((nil)) debug2: key: /home/verdi.march/.ssh/id_rsa ((nil))