[lug] can ping the host, but can't ssh for a few seconds
Michael Hirsch
mdhirsch at gmail.com
Tue Jul 10 09:25:16 MDT 2012
On Mon, Jul 9, 2012 at 6:18 PM, David L. Anselmi <anselmi at anselmi.us> wrote:
> I agree with Steve.
>
> Information from traceroute may be helpful, and descriptions about the
> devices along the way.
>
There's no interesting network that I can see. They are on the same subnet:
[software at saratoga build-jaws-svn]$ traceroute warsaw
traceroute to warsaw.stirlingsystems.net (192.168.1.21), 30 hops max, 38
byte packets
1 warsaw (192.168.1.21) 0.205 ms !<10> 0.181 ms !<10> 0.138 ms !<10>
Everything is Linux. Warsaw is a rather old Fedora Core 4 (!) system. I
don't believe either is running a firewall.
Michael
> Michael Hirsch wrote:
> > ssh: connect to host warsaw port 22: No route to host
>
> The message means you got an ICMP host unreachable message. So you got to
> the router for the host's
> network but then the host didn't answer when ARPed for its MAC. (If you
> hadn't gotten to the end of
> the trail you'd have gotten a network unreachable message.)
>
> So, is there a reason the host is slow to answer ARP? Or
> misses/mis-answers the first ARP?
>
> Of course in this day and age there are lots of other possibilities.
> Perhaps SSH says host
> unreachable for more than one kind of ICMP.
>
> Sometimes firewalls will send an ICMP rather than dropping packets (REJECT
> vs DROP in iptables). So
> it could be any device along the way interfering. It's weird to get
> intermittent behavior but who
> knows--all kinds of state can be kept in iptables, and it can behave
> differently for ping and TCP.
>
> What does wireshark show on both ends?
>
> Here's a mean trick: you could probably set up iptables to send echo
> replies to any echo request
> that comes in, and drop all TCP traffic. "I can ping everyone on the
> Internet but can't connect to
> anyone."
>
> Dave
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20120710/53d6ef72/attachment.html>
More information about the LUG
mailing list