FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

 
 
LinkBack Thread Tools
 
Old 06-29-2010, 03:31 PM
Robert Menger
 
Default SSH did not work on every IP on debian x64

Hello,

as it seems, there is a problem with some IPs.


Problem Description:

Debian x64 Lenny 5.04


- base install, without any additional packages, only IPs configured
- with some special IPs, SSH is not working on Port 22 -> "server unexpectedly closed the network connection"
- when we change the SSH port, ssh works
- when we change the IP, ssh works on port 22
- when we configure this suspicious IP on a completly other server, the same problem occures
- we have checked for network problems, but all ACLs are correct, not one switchport or ACL on the core switches is configured for this IP


this are the two IPs, where SSH did not work on port 22


87.118.90.150

95.169.186.3



we have no ideas... we hope you have?





mit freundlichen Grüßen / with kindly regards
Robert Menger
*
Keyweb AG
Neuwerkstr. 45/46
99084 Erfurt / Germany
*
Fon: +49 361 65853 86
Fax: +49 361 65853 88
rm@keyweb.de - www.keyweb.de
*
Vorstand: Frank Nowag
Aufsichtsratvorsitzender: RA Ronald Hofmeister
eingetragen beim Handelsregister Jena, HRB 112403



--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: CE7FEEDEBABA234A80731C10C268B83311D0A0EEAE@mAiLsTa R.keyweb.org">http://lists.debian.org/CE7FEEDEBABA234A80731C10C268B83311D0A0EEAE@mAiLsTa R.keyweb.org
 
Old 06-29-2010, 10:39 PM
Stephen Gran
 
Default SSH did not work on every IP on debian x64

This one time, at band camp, Robert Menger said:
> Hello,
>
> as it seems, there is a problem with some IPs.
>
> Problem Description:
> Debian x64 Lenny 5.04
>
> - base install, without any additional packages, only IPs configured -
> with some special IPs, SSH is not working on Port 22 -> "server
> unexpectedly closed the network connection" - when we change the SSH
> port, ssh works - when we change the IP, ssh works on port 22 - when
> we configure this suspicious IP on a completly other server, the same
> problem occures - we have checked for network problems, but all ACLs
> are correct, not one switchport or ACL on the core switches is
> configured for this IP
>
> this are the two IPs, where SSH did not work on port 22
>
> 87.118.90.150
> 95.169.186.3
>
> we have no ideas... we hope you have?

Those IPs are somehow special in your environments. I assume because
you're not getting an outright connection refused that the addresses are
merely in use elsewhere on your network.

Cheers,
--
-----------------------------------------------------------------
| ,'`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
 
Old 06-30-2010, 07:47 AM
Stephen Gran
 
Default SSH did not work on every IP on debian x64

This one time, at band camp, Robert Menger said:
> Hello, thanks
>
> that case we have checked too, but every IP is hard-configured to the
> switchports. It is under normal circumstances not possible, that any
> other server uses this IPs, if there is no bug in the ACL management
> of Cisco.
>
> And if it would be so, why did SSH work on another Port on this IP?
> And every other action work too. The router knows the correct MAC for
> this IP, every switch knows this MAC for this IP, the server itselfs
> can surf in the web. For me it sounds very unlikely that the IP is
> configured on any other device.
>
> And why did only debx64 has this problem? When I configure this IP on
> an CentOS server or any other, ssh works fine too.
>
> I have seen many network problems in the last years as network admin,
> but this type of problem is really really spooky for me.

There is no need to reply to me directly - please keep replies on list.

I would start with strace'ing the ssh process on the server when it has
the affected IP address. Do you actually see it processing the
connection? My bet is no, but that would be useful information.

Cheers,
--
-----------------------------------------------------------------
| ,'`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
 

Thread Tools




All times are GMT. The time now is 04:31 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org