On Sunday 09 March 2008, Collin Starkweather wrote:
> To preface the question, I should mention that I'm currently residing
> in China, so communication with the networking guys on this end is a
> bit difficult because the communication algorithm typically begins,
> "Step 1: Learn Chinese."
|
I would argue that your Chinese domain is blacklisted due to the exhaustive number
of owned MSWindows boxen and botnets that ping the rest of us without
respite, from China. I really wish their step 1 was "learn how to protect
your PC, even if it runs an illegitimate Mickey Mouse OS". </sarcasm>
|
> I am having difficulties with getting bumped out of an SSH connection
> from a server in the U.S. with "Connection reset by peer" maybe 5-10
> seconds after logging in.
>
> It *only* occurs in my apartment; i.e., when I go to a local wifi
> hotspot, I have no difficulties whatsoever. So I don't think it's
> coming from my end, and I don't think it's coming from the server I'm
> logging in to.
>
> Some details:
>
> 1) To ensure that I'm not having problems with keepalives, I
> configured SSHD on the other end very liberally (with some
> impressively fast typing, if I do say so myself). In sshd_config, I
> have
>
> TCPKeepAlive no
> ClientAliveInterval 15
> ClientAliveCountMax 12
|
Why don't you leave keepalive On? I would switch that flag to yes and perhaps
increase the Interval to 60 seconds or more?

> 2) I then set ethereal running. Just as I got bumped, it indicated
>
> Source Destination Protocol Info
> (the server) (my laptop) TCP 22 > 1259 [RST, ACK] Seq=5357
> Ack=4037 Win=63856 Len=0
|
The packet flag [RST, ACK] indicates that the port is closed.

> I'm not a networking guy, but I think that means a reset packet is
> being sent, ostensibly from the server.

Yep, to indicate that the port has closed.
|
> 3) When I get bumped, ssh -vvv gives the following
>
> debug1: channel 0: free: client-session, nchannels 1
> debug3: channel 0: status: The following connections are open:
> #0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cfd -1)
> debug3: channel 0: close_fds r 4 w 5 e 6 c -1
> Read from remote host www.bogusdomain.com: Connection reset by peer
> Connection to www.bogusdomain.com closed.
> debug1: Transferred: stdin 0, stdout 0, stderr 126 bytes in 17.1 seconds
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 7.4
> debug1: Exit status -1

The server closes the connection.

> If the reset is not coming from the server or the client (I don't have
> any problems when I'm at a hotspot), where could it be coming from?
|
Are you using the same NIC on the laptop? If yes, then the issue could be
related to your router configuration, but my money is on your keepalive
settings. See if my suggestions above help.
--
Regards,
Mick |
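
One way to check where a reset like the one in the quoted capture came from is to compare its IP TTL with the TTL of the segments the server sent earlier on the same connection: a reset generated by another device on the path usually arrives with a different TTL, although a matching TTL is not proof of origin. This is an added example, not part of the original thread; the addresses, TTL values, tolerance and function names are constructed, and only the ports, Seq, Ack and Win values are taken from the capture above.

```python
import struct
from statistics import median

SERVER = bytes([192, 0, 2, 10])     # constructed address (documentation range)
LAPTOP = bytes([198, 51, 100, 7])   # constructed address (documentation range)
RST, PSH_ACK, RST_ACK = 0x04, 0x18, 0x14

def build(src, dst, ttl, seq, flags, payload=b""):
    """Build a minimal IPv4+TCP packet for the sample capture (checksums left 0)."""
    tcp = struct.pack("!HHIIHHHH", 22, 1259, seq, 4037,
                      (5 << 12) | flags, 63856, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, ttl, 6, 0, src, dst)
    return ip + tcp

def parse(pkt):
    """Extract source, TTL, sequence number and RST flag from a raw IPv4/TCP packet."""
    ver_ihl, _, _, _, _, ttl, proto, _, src, _ = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    if ver_ihl >> 4 != 4 or proto != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (ver_ihl & 0x0F) * 4          # IP header length in bytes
    seq, _, off_flags = struct.unpack("!IIH", pkt[ihl + 4:ihl + 14])
    return {"src": src, "ttl": ttl, "seq": seq, "rst": bool(off_flags & RST)}

def check_resets(packets, server, tolerance=2):
    """Compare each RST's TTL with the median TTL of the server's earlier segments."""
    baseline, results = [], []
    for p in map(parse, packets):
        if p["src"] != server:
            continue
        if not p["rst"]:
            baseline.append(p["ttl"])   # ordinary segment: part of the baseline
        elif baseline:
            delta = abs(p["ttl"] - median(baseline))
            verdict = "ttl-matches-server" if delta <= tolerance else "ttl-differs"
            results.append((p["seq"], p["ttl"], verdict))
        else:
            results.append((p["seq"], p["ttl"], "no-baseline"))
    return results

def sample(rst_ttl):
    """Constructed capture: three data segments from the server, then a RST."""
    data = [build(SERVER, LAPTOP, 49, 5207 + 50 * i, PSH_ACK, b"x" * 50) for i in range(3)]
    return data + [build(SERVER, LAPTOP, rst_ttl, 5357, RST_ACK)]

if __name__ == "__main__":
    print(check_resets(sample(49), SERVER))    # RST with the same TTL as the data
    print(check_resets(sample(112), SERVER))   # RST with a very different TTL
```

Against a real capture, feed `check_resets` the raw IP packets (link-layer header removed) in arrival order and the server's address as four bytes.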