[Clug-tech] SSH Connection Rest by Peer Issue. Was: OT: Lil' NMap Help?
gustin at echostar.ca
Tue Jan 23 13:09:52 PST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Perhaps it is a duplexing issue? Your cable modem may only be half
duplex (the old ones were, the newer modems that they use for their
business, extreme, and nitro packages are full duplex I beleive).
Is there anything in /var/log/syslog or messages?
There may be something you can learn with a tcpdump of the session
(Wireshark is a capable GUI alternative).
What is the chipset of the new machine? There are some driver issues
with newish nVidia chipsets, in particular the forcedeth driver. Very
recent kernels (ie. more recent than even edgy uses) in the 2.6.19 range
seem to have corrected the problem.
The symptoms seem like a window scaling issue, try issuing this command
on your laptop/workstation:
sudo sysctl -w net.ipv4.tcp_window_scaling=0
This is a hail mary suggestion with the information at hand.
If possible, can you use a stable well supported NIC in your box at
home? I keep a couple of rt8139s and 3c905s around for just this sort
> If I ever get in again I'll take a look :)
> This seems to be more than just SSH, though. Like the box responds to
> pings, but nothing else on any port for a period of time.
> I'm suspecting the switch as only WAN connections go through the switch
> and LAN connections have been fine. I'm going to take it out of the loop
> when I get home.
> Mark Carlson wrote:
>> On 1/23/07, Jon <me at jonwatson.ca> wrote:
>>> Seems as if have larger issues.
>>> I was able to SSH in for a few minutes and was then punted with the
>>> "connection reset by peer" message. NMap now returns no open ports just
>>> like it did this morning until some random time that a few other people
>>> tried to nmap it and it came up.
>>> Anyone seen this before and
>>> if so, any pointers on where I should be looking?
>> I have seen "connection reset by peer" many times on boxes that have a
>> small amount of RAM free (i.e. less than 5MB in the "-/+
>> buffers/cache" row of the `free` command.) In that case, the kernel
>> was killing the SSH daemon that was spawned to handle the client
>> clug-tech mailing list
>> clug-tech at clug.ca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the clug-tech