From: Alan McKinnon
To: gentoo-user@lists.gentoo.org
Subject: [gentoo-user] SSH sessions hanging in VPN
Date: Fri, 19 Mar 2010 22:38:20 +0200

Hi all,

Not really directly related to Gentoo except that the workstation where it happens is a Gentoo machine :-)

Our VPN at work is a Juniper Secure Connect. I tend to have many konsole tabs running ssh at one time, as well as IMAP connections to Exchange and several browser tabs to intranet sites.

Occasionally, and apparently triggered randomly[1], all existing ssh sessions freeze and never come back (even after several hours). The connections are still up and do not die on the remote end. Mail connections stay up and the browser tabs continue to work as well[2].

I know the ssh sessions are alive on the other end as I can immediately log in in another konsole tab and that works just fine. Even after several hours the first sshd process does not time out (timeouts are enabled). So it would seem that it's the return path going tits up.

My next step is going to be running a trace and tcpdump on one of those existing sessions next time it happens.

Meanwhile, and this is my real question, how would I go about sensibly debugging this in a methodical manner? I'm going to have to get my security guys and routing guys to investigate but they will need real information to work with. Everything I can think of just reduces to throwing brown smelly stuff at the wall and hoping some of it sticks.

[1] By randomly I mean sometimes 4 times a day, sometimes nothing for several days. I have not seen a correlation to anything I'm doing that might trigger it.

[2] This is expected as HTTP is sessionless.

-- alan dot mckinnon at gmail dot com