On Monday 2008-11-10 20:53, Tony Alfaro wrote:

>sshd doesn't work as well as it used to and I'm not sure why, I'm
>including a sanitized log snippet, hopefully someone can point out my
>stupidity for me...
>
>If I open a putty session from another network it's 50/50 whether or
>not I even get a response, and if I do, then it usually hangs after I
>enter my password and then times out - OR - it will connect, negotiate
>a session, and then die after about 20 minutes - in any case once dead
>it takes at least 20 - 30 minutes before it will allow me to connect
>again... Any ideas?


It might be that there is a ****ty router along the path that chokes
on TCP packets with SACK/DSACK. Been there - any packet bursts
(connection setup, or just loads of output from `ls -Rl`, or a bulk
transfer with rsync/scp/sftp) hung it.
Suggestion to try to disable SACK/DSACK.
In case your sshd is on Linux, you can use iptables's TCPOPTSTRIP to
get rid of the SACK pieces on the TCP SYN for SSH connections.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/li...enssh-unix-dev