[Bug 3231] New: Deadlock/hang while using tunnel-device with high rates
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sun Nov 15 12:26:15 AEDT 2020
https://bugzilla.mindrot.org/show_bug.cgi?id=3231
Bug ID: 3231
Summary: Deadlock/hang while using tunnel-device with high
rates
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: M.Traxler at gsi.de
Hi,
I use ssh tun-devices for a VPN. When transferring data rates
>~20MBytes/s the tunnel-device stops working after a short time
(seconds).
If the "ssh -w 10:10" is used and the interactive channel is also open,
this channel is also completely blocked.
"~?" and "~." still works.
This happens directly if I use my WiFi-connection. I could not
reproduce it via the LAN connection to the internet.
This happens with many combinations of versions of ssh and sshd (8.3,
8.4, 7.9).
I can nearly completely workaround these deadlocks if I change
the source in "channels.h" to the following:
#define CHAN_SES_PACKET_DEFAULT (8*1024)
#define CHAN_SES_WINDOW_DEFAULT (16*CHAN_SES_PACKET_DEFAULT)
so, making these buffers much smaller.
The disadvantage of this hack is, that then the maximum speed for the
ssh-connection is limited to around ~8MBytes/s.
This can be verified the following way:
ip l del dev tun20
ssh root at remote.de "ip l del tun20"
ssh -v -t -w 20:20 -oPermitLocalCommand=true
-oLocalCommand=/root/bin/execute_after_ssh_tunnel_start.sh
root at remote.de "ip a add 192.168.20.1/24 peer 192.168.10.1 dev tun20;
ip l set dev tun20 up; bash "
where /root/bin/execute_after_ssh_tunnel_start.sh is:
ip link set tun20 up
ip a add 192.168.10.1/32 peer 192.168.20.1 dev tun20
and in a second shell:
ssh root at 192.168.20.1 "dd if=/dev/zero bs=1M" > /dev/null
This will block very fast with the default values of the Packet and
Windows sizes.
Changing the MTU to smaller values on the tun20 will not prevent this
deadlock.
Seems to be a deeply hidden bug in the code...
Thanks a lot,
Michael
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list