SFTP. ls and get hangs.

If I do sftp between some nodes that we installed it works fine i can list
directories and get files.

If I connect with sftp from the other side of a firewall (wich has port 22 open)
I can log in and cd to which ever direcory i want i can do pwd but when i do ls or get it hangs and the client never times out ( waited 30 minutes).
If i do ls in a empty directory it works but ls or get in a directory with files hangs.
I know that plain ftp use control and data port but sftp is just port 22 isnt it?
SSH to the same account and list files works fine.
 

MTU has to match your network's, or else you'll get problems like you had. I had to deal with a crazy and embedded DHCP server which kept giving MTU's of 600, and had to pin the value manually to something sane on all hosts...

Except, usually, MTU handles itself, via ICMP replies. When you send a packet that's too large and nothing on the way can fragment it, you get an ICMP reply about too-large packets, instructing the sending host to send smaller packets.

firewall or someone else's is improperly blocking ICMP, preventing this autocorrection measure from working, meaning you have to get the value of MTU exactly right or things may break.

Steps:
First I and the customer changed the mtu to1300

  ifconfig e1000g1 mtu 1300

and that solved the problem.

Later workmates argued that changing MTU could have negative effects so I set the original mtu again and changed the tcp_mss_max parameter instead.

Code:

ndd -set /dev/tcp tcp_mss_maxipv4 1300
ndd -set /dev/tcp tcp_mss_maxipv6 1300


to see the value do

Code:   ndd -get /dev/tcp tcp_mss_maxipv4

The tcp_mss_max value sets the max tcp packet size. (im not sure that its the correct term) and Im pretty sure that its not the same as changing MTU altough many people thinks so. End result seems to be the same.

This solved the problem for me.

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值