[lug] 3 Questions: 1) Port Forwarding 2) Unison 3) Job Management Software 4) Test Apache
David Morris
lists at morris-clan.net
Mon Feb 14 19:20:08 MST 2005
On Mon, Feb 14, 2005 at 06:46:51PM -0700, Daniel Webb wrote:
> On Mon, Feb 14, 2005 at 12:43:57PM -0700, David Morris wrote:
>
> > while true
> > do
> > echo ">>> Connecting <<<"
> > ssh -R 3128:localhost:3128 -c blowfish -g \
> > user at host.com ping -i 5 localhost
> > sleep 2
> > end
>
> It's actually much tougher than that. Under bad
> conditions (like sketchy wireless connections), ssh will
> lose the connection without quitting. I have also seen
> ssh hang on both the sshd side and the ssh side when using
> -R port forwarding. autossh deals with this by
> continually testing the connection, and restarting it when
> needed. The only problem with this is that sshd hangs on
> the remote side too, and autossh can't do anything about
> that.
I suppose I could be missing something but from several
years of using SSH on both stable and unstable connections
(even dialup and VERY bad wireless) I've never had notable
problems.
I agree SSH port forwarding sometimes dies in funky ways but
it is trivial to work around this and by setting the SSH
connection to restart automatically from time to time. All
you have to do is add a count to ping using the '-c' option.
The exact value which works best varies by connection
stability and what the connection is being used for.
The only major annoyance with this solution is, as you say,
when SSH looses the connection and does not quit. I've
found this situation is exponentially more likely to happen
on unstable connections the longer SSH is connected to the
remote host. This is where carefully picking the value
given to 'ping -c xxx' comes in. For an http proxy server,
for example, I set the timeout to reset once every 5 minutes
and almost never even notice the reset happening and only
have the connection lock up on me once every month or so.
Is it a perfect solution? No. Does it work for every case?
Not even remotely. But it is extremely simple, can be run
without any extra software, and (in my experience) works
*great* for simple port-forwarding situations.
--David
More information about the LUG
mailing list