From owner-freebsd-hackers@FreeBSD.ORG Sun Nov 28 18:08:45 2004 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 35FE516A4CE; Sun, 28 Nov 2004 18:08:45 +0000 (GMT) Received: from pit.databus.com (p70-227.acedsl.com [66.114.70.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE8A343D45; Sun, 28 Nov 2004 18:08:44 +0000 (GMT) (envelope-from barney@pit.databus.com) Received: from pit.databus.com (localhost [127.0.0.1]) by pit.databus.com (8.13.1/8.13.1) with ESMTP id iASI8hwH060436; Sun, 28 Nov 2004 13:08:43 -0500 (EST) (envelope-from barney@pit.databus.com) Received: (from barney@localhost) by pit.databus.com (8.13.1/8.13.1/Submit) id iASI8hCE060435; Sun, 28 Nov 2004 13:08:43 -0500 (EST) (envelope-from barney) Date: Sun, 28 Nov 2004 13:08:43 -0500 From: Barney Wolff To: Claudiu Dragalia-Paraipan Message-ID: <20041128180843.GA58546@pit.databus.com> References: <41AA0043.5070109@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41AA0043.5070109@gmail.com> User-Agent: Mutt/1.5.6i X-Scanned-By: MIMEDefang 2.48 on 127.0.0.1 X-Mailman-Approved-At: Mon, 29 Nov 2004 13:31:13 +0000 cc: hackers@freebsd.org cc: Robert Watson cc: current@freebsd.org Subject: Re: ssh & select() problem on 5.3 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Nov 2004 18:08:45 -0000 On Sun, Nov 28, 2004 at 06:43:47PM +0200, Claudiu Dragalia-Paraipan wrote: > > Since the problem occurs only when I connect to the firewall or to a > server behind it, I started to suspect a hardware failure. Could a > network card cause such problems ? > The firewall is running on FreeBSD 5.2.1 with PF+ALTQ, and I can observe > the same behaviour: dmesg locks ssh connection. I have test this with PF > disabled, and the problem still occurs, so I can eliminate PF as a problem. Perhaps an MTU problem, with the ICMP "fragmentation needed but DF set" being blocked by the firewall? It would only show up when the server has enough to send to fill a packet. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net.