TCP connect timeout with proxy
Scott Neugroschl
scott_n at xypro.com
Fri Mar 27 02:02:23 AEDT 2020
What's wrong with just using "-4" for this host?
-----Original Message-----
From: openssh-unix-dev <openssh-unix-dev-bounces+scott_n=xypro.com at mindrot.org> On Behalf Of Anand Buddhdev
Sent: Thursday, March 26, 2020 5:03 AM
To: openssh-unix-dev at mindrot.org
Subject: TCP connect timeout with proxy
Dear openssh developers and users,
I'm new to the list, and my apologies if this question has been asked before. I've tried to look for answers and haven't succeeded, which is why I'm asking.
Here's the situation: I'm connect to a dual-stacked host with A and AAAA records. The IPv6 connectivity to the host is broken.
When connecting to the host directly from my client system, the TCP connect to the IPv6 address times out after 75s, which is the TCP default timeout. After that, SSH proceeds to connect to the IPv4 address successfully. This causes a rather large delay. I can control this by setting "ConnectTimeout" to something lower, like 30s. So far, so good.
However, when I'm not on a trusted network, I have to use a proxy to connect to that same dual-stacked host. I can do the proxy in one of the following ways:
1. ssh -tt proxyhost ssh -tt host
2. ProxyCommand ssh proxyhost 'exec nc %h %p 2>/dev/null'
3. ProxyCommand ssh -W [%h]:%p proxyhost
4. ProxyJump proxyhost
5a. ssh -D localhost:1080 -N proxyhost
5b. ProxyCommand nc -x localhost %h %p
More information about the openssh-unix-dev
mailing list