[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-security
Subject:    SSH Connection Time Problems
From:       "Michael W. Collette" <metrol () metrol ! net>
Date:       2002-04-16 22:23:37
[Download RAW message or body]

Recently I have had some problems with getting an SSH connection from my 
FreeBSD 4.5-Stable box to my web hosting company's servers, also running 
FreeBSD.  It takes over a minute to establish a connection, which is really 
mucking up the tunnelling of services I have going to them.

Initially I was thinking that something changed on the web host, as I was able 
to make http and pop3 connections to them without delay.  Upon writing them 
about this they suggested that the problem with network latency.  Didn't make 
much sense to me, as latency shouldn't be protocol specific.  Even still, I 
contacted my ISP about this.

The tech at my ISP didn't have any delay getting a connection to the web host.  
He then set me up with a shell account on a RedHat box they were running 
their hosting on.  I was able to get an SSH connection directly to them 
without delay.

I'm running IPFW here, so I added a pass everything rule to cancel it out.  No 
difference.

I have 2 IP addresses with this ISP, the other sitting on an NT box.  I 
attempted an SSH connection to the web host with it using TeraTerm, and it 
worked perfectly.  Only my FreeBSD box is experiencing the delay to that web 
host.

I also have FreeBSD sitting on a laptop here.  It connects to the Internet 
through my desktop FreeBSD machine running NAT.  From there, it too has a 
horrible delay in connecting.  If I take and give it a static IP outside it 
is able to connect without delay.

After all that, not even sure exactly what to ask.  Banging my head on this 
one for almost a week now.  I'm running the built in SSH with FreeBSD, and 
I've rebuilt world as of yesterday.  It seems like an IPFW issue.  I haven't 
made any major changes to my ruleset in months, other than toggling the "pass 
any" for testing.

This problem may have coincided with a make world I did last week, but I 
honestly don't recall the time frame.  My IPFW logging isn't showing 
anything, and I'm not getting any other errors that I can see.  Also, once I 
do get an SSH connection, the throughput is perfectly normal.

Sorry about the length of this post, but I've been trying so many different 
things to figure out what is going on that I thought I should document it a 
bit.  I'm considering doing a cvsup back to 4.5-Release to see if that helps.  
Wanted to inquire about opinions on this before doing so.

Later on,
-- 
"Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark 
to read."
 - Groucho Marx

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
[prev in list] [next in list] [prev in thread] [next in thread]