6

I have problems with autossh in case short network interrupts (up to 60s). This happens daily due to a network disconnect by my ISP in the morning. Even with usage of autossh the ssh tunnel stays broken until manually restarted. If I test it with a longer outage autossh reestablish the tunnel fine.

When starting autossh with "AUTOSSH_DEBUG=1" the following is shown during a short disconnect:

Warning: remote port forwarding failed for listen port

When looking at the same time to the ssh server, I see with "netstat -pln" that the old port is kept there for about 60s until it finally disappears. If the client tries to reconnect during this time it fails with the message above, it don't recreate the tunnel and also don't retries. When it reconnect after the port disappears on server, ssh succeeds recreating the tunnel.

Is there a way to delay the autossh client reconnection? Is there a way to retry reconnection if it failed (I guess currently there is no retry, because it is classified as Warning only)? Is there a way to shorten the time until the remaining port is removed by sshd?

My Environment is Debian Squeeze on client side and Wheezy on server.

EDIT: I forgot to mention, this happens if I use autossh without management port "-M 0" or with an echo-port "-M 2000:7" or with a full paired management loop "-M 2000".

Achim
  • 263
  • 3
  • 13
  • 2
    Is there a way to shorten the time until the "remaining port is removed by sshd"? http://serverfault.com/questions/329845/how-to-forcibly-close-a-socket-in-time-wait – Deer Hunter Jun 04 '13 at 04:34
  • Have you tried fixing your ISP (the real problem) instead of fixing the symptom? – Deer Hunter Jun 04 '13 at 04:36
  • Thanks for the interesting link, it uses the buzzwords I didn't knew. To test all this out take some time, I will post the result. – Achim Jun 04 '13 at 18:51
  • "fixing the ISP" is not an option, all our providers here in Germany make daily disconnect of the DSL lines. Only for some minutes, I guess the reason is to change the IPv4 address. Of course it is also possible to buy an DSL connection with permanent IPv4, which will not be cut, but that's very expensive... – Achim Jun 04 '13 at 18:52
  • @DeerHunter: why is the ISP the real problem? The ISP disconnecting is actually the **issue** that autossh is set out to solve! Actually, autossh must solve that and any of the other myriad problems that can happen to your ssh connection. That is *exactly* what you are using autossh for: to not be forced to care about all possible scenarios in which ssh can fail, be it ISP, intermittent network problems, server reboots, ... If the connection can be reestablished (because the network quality satisfies minimum requirements), then autossh should be able to just gracefully restart the ssh. – blueFast Sep 05 '14 at 09:53
  • And if the network is too bad, then autossh should keep trying until it can restablish the connection (eventually exponentially increasing the retry delay, to not cause network / cpu overload) – blueFast Sep 05 '14 at 09:56
  • And the OP has just "complained" about a problem in autossh: it is not doing what is supposed to do, in a very specific case. The network is there, the ssh is broken, but autossh is not gracefully restarting it. That is a **bug** in autossh. – blueFast Sep 05 '14 at 10:00

1 Answers1

10

You could set ssh option ExitOnForwardFailure to yes to make ssh terminate the connection if it cannot set up all requested dynamic, tunnel, local, and remote port forwardings.

Autossh will recreate new ssh connection until forward success.

Qier LU
  • 101
  • 1
  • 5
  • 1
    If you're having connection failures frequently you might also want to add -o ConnectTimeout=1 so that ssh fails quickly when the connection clearly isn't coming – Alex Nauda Mar 26 '15 at 12:54