| 1 |
On Sunday 09 March 2008, Collin Starkweather wrote: |
| 2 |
> To preface the question, I should mention that I'm currently residing |
| 3 |
> in China, so communication with the networking guys on this end is a |
| 4 |
> bit difficult because the communication algorithm typically begins, |
| 5 |
> "Step 1: Learn Chinese." |
| 6 |
|
| 7 |
I would argue that your Chinese domain is blacklisted due to exhaustive number |
| 8 |
of owned MSWindows boxen and botnets that ping the rest of us without |
| 9 |
respite, from China. I really wish their step 1 was "learn how to protect |
| 10 |
your PC, even if it runs an illegitimate Mickey Mouse OS". </sarcasm> |
| 11 |
|
| 12 |
> I am having difficulties with getting bumped out of an SSH connection |
| 13 |
> from a server in the U.S. with "Connection reset by peer" maybe 5-10 |
| 14 |
> seconds after logging in. |
| 15 |
> |
| 16 |
> It *only* occurs in my apartment; i.e., when I go to a local wifi |
| 17 |
> hotspot, I have no difficulties whatsoever. So I don't think it's |
| 18 |
> coming from my end, and I don't think it's coming from the server I'm |
| 19 |
> logging in to. |
| 20 |
> |
| 21 |
> Some details: |
| 22 |
> |
| 23 |
> 1) To ensure that I'm not having problems with keepalives, I |
| 24 |
> configured SSHD on the other end very liberally (with some |
| 25 |
> impressively fast typing, if I do say so myself). In sshd_config, I |
| 26 |
> have |
| 27 |
> |
| 28 |
> TCPKeepAlive no |
| 29 |
> ClientAliveInterval 15 |
| 30 |
> ClientAliveCountMax 12 |
| 31 |
|
| 32 |
Why don't you leave keepalive On? I would switch that flag to yes and perhaps |
| 33 |
increase the Interval to 60 seconds or more? |
| 34 |
|
| 35 |
> 2) I then set ethereal running. Just as I got bumped, it indicated |
| 36 |
> |
| 37 |
> Source Destination Protocol Info |
| 38 |
> (the server) (my laptop) TCP 22 > 1259 [RST, ACK] Seq=5357 |
| 39 |
> Ack=4037 Win=63856 Len=0 |
| 40 |
|
| 41 |
The packet flag [RST, ACK] indicates that the port is closed. |
| 42 |
|
| 43 |
> I'm not a networking guy, but I think that means a reset packet is |
| 44 |
> being sent, ostensibly from the server. |
| 45 |
|
| 46 |
Yep, to indicate that the port has closed. |
| 47 |
|
| 48 |
> 3) When I get bumped, ssh -vvv gives the following |
| 49 |
> |
| 50 |
> debug1: channel 0: free: client-session, nchannels 1 |
| 51 |
> debug3: channel 0: status: The following connections are open: |
| 52 |
> #0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cfd -1) |
| 53 |
> debug3: channel 0: close_fds r 4 w 5 e 6 c -1 |
| 54 |
> Read from remote host www.bogusdomain.com: Connection reset by peer |
| 55 |
> Connection to www.bogusdomain.com closed. |
| 56 |
> debug1: Transferred: stdin 0, stdout 0, stderr 126 bytes in 17.1 seconds |
| 57 |
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 7.4 |
| 58 |
> debug1: Exit status -1 |
| 59 |
|
| 60 |
The server closes the connection. |
| 61 |
|
| 62 |
> If the reset is not coming from the server or the client (I don't have |
| 63 |
> any problems when I'm at a hotspot), where could it be coming from? |
| 64 |
|
| 65 |
Are you using the same NIC on the laptop? If yes, then the issue could be |
| 66 |
related to your router configuration., but my money is on your keepalive |
| 67 |
settings. See if my suggestions above help. |
| 68 |
-- |
| 69 |
Regards, |
| 70 |
Mick |
Archives