On August 1, 2003 04:30 am, Brian May wrote: > If I ssh from the melbourne site directly to the auckland site and type > in "tail -f /var/log/messages" the ssh connection hangs, and Ctrl+C, > Ctrl+Q, and nothing else works. The only option I have is to kill the ssh > connection with "\n~.\n". If I leave the connection, eventually it times > out.
Is it safe to say that anything which generates significant traffic is causing the connection to freeze? At the same time as the connection is frozen, you can ssh in, exactly as before, and all seems well? I would expect that cat'ing /var/log/messages (or any file of significant size) will also freeze things up. What about scp'ing or ftp'ing a file over the connection? > Standard shorewall firewalls are used on both ends, but I really doubt > this would be an issue. Firewalls can't filter packets based on the > encrypted data transferred via a ssh connection... My guesses: - someone somewhere is dropping important icmp messages (types 3, 4, 11 or 12) - someone somewhere is dropping fragmented packets. In the case of icmp I would just duplicate the problem and run a tcpdump on either end (filtering specifically for icmp messages). If you see an icmp message on either end that doesn't reach the other side that could very well be the problem. Be 100% sure that your firewalls are allowing all ICMP (at least during debugging), the problem could still be outside of your immediate control though. If you're seeing fragments going out over the network make sure that they're _all_ received at the other end. With many cable and dsl connections (around here anyway) this is a common problem. Make sure that it isn't your firewalls dropping fragments. -- Fraser Campbell <[EMAIL PROTECTED]> http://www.wehave.net/ Halton Hills, Ontario, Canada Debian GNU/Linux -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
