Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Dev

remote port forwarding unstable

  

 
OpenSSH dev RSS feed   Index | Next | Previous | View Threaded


adrya1984 at gmail

Oct 19, 2009, 5:31 AM

Post #1 of 6 (255 views)
Permalink
remote port forwarding unstable
Hi,

I'm not sure if this is a bug or not, maybe someone noticed it also...

I always do a remote port forwarding with openssh on 1026 port let's
say ( ssh -R 1026:localhost:55555 ). Most times the port is opened on
remote machine. But sometimes i notice that ssh can't do remote port
forwarding to that port 1026. I looked on the remote machine (netstat
-an) and no one is using that port, so the port is free.
Only way to fix this is do a remote port forwarding to another port
lets say 1056, successfully done, then try again and do it for 1026,
this time remote port forwarding successfully works... Sometimes it
works if i try again with 1026, but other times i need to open another
port then try again with 1026 port...

What can cause this instability to remote port forwarding?
Is there another command than "netstat -an" to see if that port is
really free or something is using it?
If is a bug can it be fixed?

I use version of OpenSSH 5.1p1 on remote machine and the client is
OpenSSH for Windows 3.8.1p1

Thanks in advance,
Adriana
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev[at]mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


plambrechtsen at gmail

Oct 19, 2009, 10:52 AM

Post #2 of 6 (238 views)
Permalink
Re: remote port forwarding unstable [In reply to]
Perhaps it is something wrong with your ssh client.

I have had remote ssh port forwarding sessions open for weeks and in
frequent use when using putty on the client and openssh 5.1 on the
server.

I have also had remote upon remote sessions going, which works, albiet
a little slowly. IE

Session1 client -> server1 -ssh -R 1080:server2:1080 -> server2
And
Session2 client -putty remote port forwarding 1080 on server1

This allows me to access a web mgmt port for an app on server 2 which
is sitting behind two firewalls that do not allowed to have web
traffic in there.

Very round about way of doing things. But it works

Thanks

Peter

On 20/10/2009, at 1:31 AM, Adriana Rodean <adrya1984[at]gmail.com> wrote:

> Hi,
>
> I'm not sure if this is a bug or not, maybe someone noticed it also...
>
> I always do a remote port forwarding with openssh on 1026 port let's
> say ( ssh -R 1026:localhost:55555 ). Most times the port is opened on
> remote machine. But sometimes i notice that ssh can't do remote port
> forwarding to that port 1026. I looked on the remote machine (netstat
> -an) and no one is using that port, so the port is free.
> Only way to fix this is do a remote port forwarding to another port
> lets say 1056, successfully done, then try again and do it for 1026,
> this time remote port forwarding successfully works... Sometimes it
> works if i try again with 1026, but other times i need to open another
> port then try again with 1026 port...
>
> What can cause this instability to remote port forwarding?
> Is there another command than "netstat -an" to see if that port is
> really free or something is using it?
> If is a bug can it be fixed?
>
> I use version of OpenSSH 5.1p1 on remote machine and the client is
> OpenSSH for Windows 3.8.1p1
>
> Thanks in advance,
> Adriana
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev[at]mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev[at]mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


adrya1984 at gmail

Oct 19, 2009, 10:53 PM

Post #3 of 6 (236 views)
Permalink
Re: remote port forwarding unstable [In reply to]
Hi,

Here is some more info after little investigation :)

Message i get is: "Warning: remote port forwarding failed for listen port 1026"

SSH makes connection but port isn't opened and in server logs i see:

IPP-Linux:~# cat /var/log/auth.log | grep 18722
Oct 19 13:37:20 IPP-Linux sshd[18722]: error: bind: Address already in use
Oct 19 13:37:20 IPP-Linux sshd[18722]: error:
channel_setup_fwd_listener: cannot listen to port: 1026
IPP-Linux:~# cat /var/log/auth.log | grep 18737
Oct 19 13:37:47 IPP-Linux sshd[18737]: error: bind: Address already in use
Oct 19 13:37:47 IPP-Linux sshd[18737]: error:
channel_setup_fwd_listener: cannot listen to port: 1026

But i closed the previous console with ssh listening to that port, and
is no ssh process on client when i want to connect again on the same
port. So how come it still says that port is in use on server?

This happens in only 2% of the cases, very rare, i change nothing in
the way i connect or close the client, but somehow it seems that port
still hangs on server after closing ssh console ... or at least that's
what sshd says because with "netstat -an" i don't see that port busy

Thank you Rabbi for that command, next time when it happens i'll use it :)

Thanks,
Adriana
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev[at]mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


rees at umich

Oct 20, 2009, 5:12 AM

Post #4 of 6 (235 views)
Permalink
Re: remote port forwarding unstable [In reply to]
Are you sure the connection is fully closed? When you close a tcp
connection, it stays in time_wait and fin_wait for a while, during which
time the port can't be reused. You said netstat doesn't show anything on
that port?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev[at]mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


wooledg at eeg

Oct 20, 2009, 10:15 AM

Post #5 of 6 (232 views)
Permalink
Re: remote port forwarding unstable [In reply to]
On Tue, Oct 20, 2009 at 08:53:49AM +0300, Adriana Rodean wrote:
> IPP-Linux:~# cat /var/log/auth.log | grep 18737
> Oct 19 13:37:47 IPP-Linux sshd[18737]: error: bind: Address already in use
> Oct 19 13:37:47 IPP-Linux sshd[18737]: error:
> channel_setup_fwd_listener: cannot listen to port: 1026
>
> But i closed the previous console with ssh listening to that port, and
> is no ssh process on client when i want to connect again on the same
> port. So how come it still says that port is in use on server?

Use "lsof -i :1026" (lsof is not standard, but it's very common)
or "netstat -antp | grep :1026" (netstat -p is Linux only) to see what
is listening on port 1026.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev[at]mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


adrya1984 at gmail

Oct 20, 2009, 11:16 PM

Post #6 of 6 (229 views)
Permalink
Re: remote port forwarding unstable [In reply to]
Thank you all for your replies :)

This is the command i use: ssh -L 30300:localhost:8080 -R
1026:localhost:55555 -F ssh_config -N ipp[at]10.55.40.120
And i close the ssh process by closing the windows console, or by
killing the ssh process from another application. Either way when i
look in processes list after closing ssh process is gone when i try to
reconnect again.

I guess that's the explanation suggested above why sometimes it
doesn't allow me to reconnect with same port, TCP connection staying
in a wait state even after previous ssh client process terminates and
it keeps that remote port busy.
Maybe that's why it didn't showed with "netstat -an" command.
Next time i will use the other commands suggested :)

Thank you again,
Adriana
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev[at]mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.