[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Re: Long Running SSH Tunnel, Slowing Down



On Tue, Mar 23, 2010 at 09:44:22AM +0000, John Morrison wrote:
> Tim,
> 
> I'm not an expert on ssh. IMHO this kind of behaviour is typical of a
> memory leak or the application running out of resources in some way.

Memory leak sounds very feasible here but do check what other processes 
are running in general. If you leave a process running for days, also 
check what _other_ stuff is running around it. (Andy, who has just had 
to reboot his home wifi router which is on 24/7 because it dies about 
once a week and loses DNS - a reset fixes it).

> So this may be a track worth pursuing before having to delve in to the
> more complex world of decoding packets. As you can establish a second
> tunnel alongside the slow tunnel and this works it is not an OS
> resource issue. It may be that instance of the ssh application (either
> your client or the instance of the daemon to which you connect) has
> run out of resources.
> 

Far down in your reply, you mention ssh using 1.4MiB of virtual memory -  
is this the figure from top or some such or do you mean that the machine 
is also hitting swap?

> My first reaction would be to update the software at each end to the
> latest revision. Second have a look for this specific issue with the
> software being used. It may be a known issue and that a specific
> parameter setting may resolve this.
> 

You have access to your end only to do this, I presume, and I note that 
you're using 8.04 which is an LTS release: if it's a server, then it's 
still within the ?? five years ?? support. 

The next iteration of Ubuntu 10.04 is also a long term supported release
and the beta is out now - the rest is due in April. Try building a test 
machine to see whether issues are resolved / there are other factors 
which may make you consider an upgrade in the future?

> If this makes no difference then try the more difficult decoding
> route. I suspect that the software has its own commands/tools to help
> with this. For example, Cisco has "debug" commands to help with
> troubleshooting, such as debug ip ssh
> (http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#debugandshowcommands).
> You may spot increasing number of errors as the link is used, or at
> least be able to work out which packets belong to which type of ssh
> traffic.
> 
 
> > After a while -- say a few days/weeks -- of having this tunnel
> > established, transactions through this tunnel slow down to a crawl. To
> > the point where requests will typically timeout. Establishing a brand
> > new tunnel alongside the slowing tunnel seems to work fine. I don't
> > see anything particularly wrong with the endpoint systems other than
> > that sshd on the ssh gateway is consuming about 1.4 MB of virtual
> > memory. While this does not pose any threat to the machine per se, it
> > does seem a bit strange to me.
> >
> > The ssh gateway system is CentOS 4.7 w/ OpenSSH 3.9p1 and the client
> > is Ubuntu 8.04 w/ OpenSSH 4.7p1.
> >

The gateway sysadmin might want to consider CentOS 4.8 as a minimum / 
updating from EPEL / RPMForge.  OpenSSH 3.9 is desperately old :(

> > Thanks in advance,
> > Tim

Hope this helps,

AndyC


[Home]     [Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Add to Google Powered by Linux