6

I am using port forwarding to utilize proxy server which is on remote machine.

Remote machine hostname is remotemachine. Proxy is listening on 8118 port. I am translating this port to local port 5223.

ssh -vvv -N remotemachine -L 5223:localhost:8118

Everything is fine if I don't use more than 10 simultaneous connections, when ssh just freezes. It no longer send data trough port forwarding.

I.e. ab -c 10 -t 5 -X 'localhost:5223' 'http://www.google.ru/' works, but ab -c 20 -t 5 -X 'localhost:5223' 'http://www.google.ru/' causes ssh to freeze

MaxSessions 30 parameter in /etc/ssh/sshd_config didn't helped at all.

What can I do to remove this 10 connection limit?

Nothing interesting in -vvv output =(

Marko Kevac
  • 255
  • 1
  • 3
  • 6
  • Please update your question to include information about the OS on the local and remote machines, as well as information about your proxy server. Also detail the experiments you have carried out to prove that ssh is the causing the "freeze" you're experiencing. You have other components in the chain (such as your proxy server) which may be causing your "freeze". – Convict Apr 23 '10 at 04:50

4 Answers4

2

FYI, I had a very similar issue, and bumping up MaxSessions to 100 fixed it. I'm the only one using SSH on this server, so that high limit isn't an issue for me.

1

Are you sure you have setup the local forwarding correctly? Should the destination of your port forwarding be remotemachine instead of localhost?

ssh -vvv -N remotemachine -L 5223:remotemachine:8188
Convict
  • 1,613
  • 10
  • 8
  • I am sure. It could be anything that remote machine understands. localhost or remotemachine or any other host name. – Marko Kevac Apr 21 '10 at 12:16
1

On the server, have a look at MaxStartups in sshd_config.

From the man page:

MaxStartups

     Specifies the maximum number of concurrent unauthenticated con-
     nections to the sshd daemon.  Additional connections will be
     dropped until authentication succeeds or the LoginGraceTime
     expires for a connection.  The default is 10.

     Alternatively, random early drop can be enabled by specifying the
     three colon separated values ``start:rate:full'' (e.g.,
     "10:30:60").  sshd will refuse connection attempts with a proba-
     bility of ``rate/100'' (30%) if there are currently ``start''
     (10) unauthenticated connections.  The probability increases lin-
     early and all connection attempts are refused if the number of
     unauthenticated connections reaches ``full'' (60).
desau
  • 111
  • 3
  • MaxStartups looks like it only applies to unauthenticated connections, which doesn't seem to be the limit he is running into (his all appear authenticated). – Jed Daniels Jul 08 '10 at 17:32
0

I would think it's some kind of server config. What happens if you make two tunnels and open (say) 8 connections trough both, does it freeze (--> overall server limit) or not (--> limit per connection)?

Frank Meulenaar
  • 133
  • 1
  • 5
  • I have opened two tunnels. One from 5223, other from 5224 port. Than I executed two ab programs with 11 concurent connections each. Everything is fine. 12 and more don't work - ssh tunnel freezes. – Marko Kevac Apr 21 '10 at 15:42
  • @Marko - Maybe, it's an ab issue rather than a ssh issue? – Convict Apr 22 '10 at 02:34
  • Nope. Chrome freezes because tunneled proxy don't work. It's something with ssh. – Marko Kevac Apr 22 '10 at 05:56
  • Could the issue be with your proxy server? What have you done to prove that your proxy server is not causing the "freeze" that you're experiencing. – Convict Apr 23 '10 at 04:46