[lug] strange ssh performance issues

Kevin Kempter kevin at kevinkempterllc.com
Fri Sep 28 12:33:34 MDT 2007


It seems to be a communication issue between my linux OS and the winXP VM. If 
I attempt to ssh only to the winVM it takes 30-45sec.

Any ideas?



> Kevin,
>
> This could be DNS related. Have you confirmed that you have DNS
> servers configured for all hosts involved?
>
> - Ben
>
> On 9/28/07, Kevin Kempter <kevin at kevinkempterllc.com> wrote:
> > Hi List;
> >
> > First let me say that (1) I have a fairly unusual (I suspect) ssh setup,
> > and (2) I hate the virus known as windows
> >
> >
> > Here's the deal;
> >
> > The client I'm working for uses a SonicWall firewall to control access to
> > the data centers. Unfortunately there are issues with the Linux openVPN
> > clients (specifically open swan) where it connects but locks all other
> > connections out of the firewall. So, until we figure this out the
> > solution is to use the windows version of the SonicWall client.  I've
> > installed vmware and installed a copy of VirusXP (AKA Windows XP). I
> > installed cygwin and followed the instructions here to install the ssh
> > server:
> > ( http://pigtail.net/LRP/printsrv/cygwin-sshd.html ) although I did not
> > run the mkpasswd and mkgroup commands, they seemed to break the install
> > of ssh server.
> >
> > Anyway, I also setup an ssh key so I could login to the M of VirusXP
> > without a password.
> >
> > Next I setup a config file in my Linux $HOME/.ssh dir with many entries
> > like this (one for each host in the data ceners that I need to connect
> > to):
> >
> > Host dataCenterHostname
> >         Hostname 10.1.x.x               # data center I.P.
> >         HostKeyAlias 10.1.x.x          # data center I.P.
> >         ProxyCommand /usr/local/bin/netcat-proxy-command 172.16.128.128
> > %h
> >
> >
> > The 172.16.128.128 I.P. addr is the I.P. of the VirusXP image within
> > vmware via nat. (I could not make the ssh connections work via bridged
> > networking).
> >
> > The /usr/local/bin/netcat-proxy-command script is a netcat (nc) script
> > and contains this:
> >
> > #!/bin/sh
> > gateway=$1
> > internal=$2
> > ssh $gateway nc -w 1 $internal 22
> >
> > To use this setup I boot up VirusXP, open the SonicWall VPN client and
> > connect to one or more of the data centers.  Then in Fedora 7 (the host
> > OS) I open a terminal and run this:
> > ssh dataCenterHostname
> >
> > so, to my issue. Most of the time this setup works fairly well, in that
> > it does connect. It usually takes about 30 seconds for me to get a
> > password prompt for the target data center host. This is acceptable but I
> > think there's something weird going on that delay's the connection. I say
> > this because I can open a cygwin windowin VirusXP and do an ssh <I.P.>
> > and I get a password prompt immediately.
> >
> > The main issue is that several times a day the connections start to take
> > several minutes to return the password prompt. I need to restart the
> > cygwin service in VirusXP, and sometimes that doesn't help so I reboot
> > the VM instance of VirusXP. This is quite frustrating, however I'm a DBA
> > and have limited networking knowledge. Does anyone have any thoughts?,
> > suggestions?, comments?
> >
> > Thanks in advance..
> >
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug





More information about the LUG mailing list