From owner-freebsd-net@freebsd.org  Wed Aug 26 23:34:56 2015
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 594219C38EF
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Wed, 26 Aug 2015 23:34:56 +0000 (UTC)
 (envelope-from janm@transactionware.com)
Received: from mail3.transactionware.com (mail.transactionware.com
 [203.14.245.7]) by mx1.freebsd.org (Postfix) with SMTP id A3A1E7F1
 for <freebsd-net@freebsd.org>; Wed, 26 Aug 2015 23:34:54 +0000 (UTC)
 (envelope-from janm@transactionware.com)
Received: (qmail 97811 invoked by uid 907); 26 Aug 2015 23:28:11 -0000
Received: from eth222.nsw.adsl.internode.on.net (HELO [192.168.1.101])
 (150.101.196.221) (smtp-auth username janm, mechanism plain)
 by mail3.transactionware.com (qpsmtpd/0.84) with (ECDHE-RSA-AES256-SHA
 encrypted) ESMTPSA; Thu, 27 Aug 2015 09:28:11 +1000
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Subject: Re: ssh over WAN: TCP window too small
From: Jan Mikkelsen <janm@transactionware.com>
In-Reply-To: <55DCF080.7080208@stankevitz.com>
Date: Thu, 27 Aug 2015 09:28:09 +1000
Cc: freebsd-net@freebsd.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <735A62B2-EFBC-4A4A-9782-F809EC1069E3@transactionware.com>
References: <55DCF080.7080208@stankevitz.com>
To: Chris Stankevitz <chris@stankevitz.com>
X-Mailer: Apple Mail (2.2104)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Aug 2015 23:34:56 -0000

Hi,

> On 26 Aug 2015, at 08:47, Chris Stankevitz <chris@stankevitz.com> =
wrote:
>=20
> Hi,
>=20
> # cat /dev/urandom | ssh root@host 'cat > /dev/null'
>=20
> I use the above ssh command over a high-BDP WAN link (80 ms @ 100 =
Mbps).  tcpdump shows I am TCP window limited to 64 KBytes (yielding 5 =
Mbps).  iperf with default options gets the window opened to 500 KBytes =
(yielding 35 Mbps).

Given that you are TCP window limited, do you have something in the =
middle preventing the windows size negotiation from working? A stateful =
firewall somewhere, perhaps?

> Both sides of the connection: FreeBSD 10.1 w/default sshd options =
(except I permit root login).  In particular, HPN is not disabled.
>=20
> Can anyone explain my abysmally small TCP window?
>=20
> Can anyone recommend some tools/tricks to figure out what in FreeBSD =
and/or base SSH is limiting the send/recv buffer and/or TCP window?

Regards,

Jan.=