[ale] SSH Cisco Networking Issue

Omar Chanouha ofosho at gatech.edu
Thu Sep 16 15:05:30 EDT 2010


Hello All,

    Sorry for the long email, but I am having an issue with the IT guy
at my office, and this problem is out of my league. I set up a
LAMP/SSH server to host the intranet where I work. I am back at Tech
now, and need a way to connect to the server (Miami) to make changes.
I told the IT guy to open a port for me in the firewall so I can get
to the SSH server. Easy enough right?

So, I can log into the server *.126, and I can send and receive data
from it, HOWEVER if I try to receive large (> a paragraph) worth of
data the client hangs. The firewall still registers a connection, and
the client will just hang forever (ctrl-c does nothing, I have to close
the terminal). I would imagine this means it is waiting for data that
is not going to get there, and is also not receiving a disconnect
message.

Example:

o@remote:~$cat smallfile
Hello World!
o@remote:~$cat bigfile
[no response]

The same would apply to listing (ls) a small directory vs a large one.
Or even TAB completing a long list vs a short one.

At address *.126 there are multiple machines, so when I connect to
*.126 I get port forwarded to another machine via NAT. Just as a test,
we made the relationship 1-1 at address *.124 (another ip we own) and
we made the firewall rule completely open at this address. The server
then worked. The IT guy then decided to make the rule more strict by
only allowing connection on port 22, and we went back to the previous
result. He then put in the Cisco SSH rule (rather than just opening
port 22) and it worked again.

However, *.124 is not available for full time use, so we went back to
*.126 and applied the SSH rule, but got the same result as before.
Here is the weird part, when we port forward *.126 to one of the SSH
servers on one of the Cisco routers (rather than my machine) SSH works
fine. The IT guy thinks that the issue is coming from the NAT b/c we
are using the same firewall rule that worked w/ 1-1.

Question, what could be causing the Ubuntu SSH server to hang ONLY
when larger amounts of data are being sent, but not affect the Cisco
SSH servers?

Thanks,

-O
