Friday, January 28, 2011

Rancid failing to write term with ssh client ServerAliveInterval

We found that rancid was no longer able to perform a 'write terminal' after we setup the /etc/ssh/ssh_config option: ServerAliveInterval 5

Every single time you would do:

ssh router.example.com
term length 0
write term

The router would send a TCP FIN at the exact same spot halfway though the config:

...
13:53:39.199206 IP rancid.example.com.54509 > router.example.com.ssh: Flags [.], ack 18941, win 41440, length 0
13:53:39.199327 IP router.example.com.ssh > rancid.example.com.54509: Flags [P.], seq 18941:18973, ack 2697, win 2920, length 32
13:53:39.199337 IP rancid.example.com.54509 > router.example.com.ssh: Flags [.], ack 18973, win 41440, length 0
13:53:39.199605 IP router.example.com.ssh > rancid.example.com.54509: Flags [P.], seq 18973:19005, ack 2697, win 2920, length 32
13:53:39.199615 IP rancid.example.com.54509 > router.example.com.ssh: Flags [.], ack 19005, win 41440, length 0
13:53:39.199675 IP router.example.com.ssh > rancid.example.com.54509: Flags [FP.], seq 19005, ack 2697, win 2920, length 0
13:53:39.199858 IP rancid.example.com.54509 > router.example.com.ssh: Flags [F.], seq 2697, ack 19006, win 41440, length 0
13:53:39.201624 IP router.example.com.ssh > rancid.example.com.54509: Flags [.], ack 2698, win 2920, length 0


After checking every single network switch, interface, cable, IP, firewall, etc. The problem was:


ServerAliveInterval


Once this was either removed or changed to a value greater then 5, for example 300, it worked just fine.


No comments:

Post a Comment

Followers