Skip to main content
We’ve updated our Terms of Service. A new AI Addendum clarifies how Stack Overflow utilizes AI interactions.
Server Fault

Return to Question

details added, based on grawity's comment
Source Link
Giuseppe
Giuseppe
  • 113
  • 5

AttemptingAttempts to connect from hostA to hostB results in astops here and eventually time out:

meanwhile, fromExamining tcp packets on either end show the perspective of hostBfollowing:

hostB#hostA# tcpdump -i any tcp port 22 and host hostB and 'tcp[tcpflags] & (tcp-syn) != 0' 2208:04:02.280667 ens3 Out IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010161184 ecr 0,nop,wscale 7], length 0 08:04:02.286807 ens3 In IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267917840 ecr 2010161184,nop,wscale 7], length 0 08:04:03.284668 ens3 Out IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010162189 ecr 0,nop,wscale 7], length 0 08:04:03.290862 ens3 In IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267918844 ecr 2010161184,nop,wscale 7], length 0 
hostB# tcpdump -i any tcp port 22 and host hostA and 'tcp[tcpflags] & (tcp-syn) != 0' 09:1104:02.636059284606 enp0s3 In IP hostA.4846050672 > hostB: Flags [S], seq 30855041743155524, win 62720, options [mss 8960,sackOK,TS val 19716505372010161184 ecr 0,nop,wscale 7], length 0 2209:2204:1102.636114284651 enp0s3 Out IP hostB > hostA.4846050672: Flags [S.], seq 14065269582691905561, ack 30855051743155525, win 62636, options [mss 8960,sackOK,TS val 22294071922267917840 ecr 19716505372010161184,nop,wscale 7], length 0  09:04:03.288627 enp0s3 In IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010162189 ecr 0,nop,wscale 7], length 0 09:04:03.288668 enp0s3 Out IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267918844 ecr 2010161184,nop,wscale 7], length 0

ThusThe above sequence repeats on both sides about once per second until timeout. My understanding of TCP dumps is limited, hostB receives packets frombut it looks as though hostA's attempt is acknowledged by hostB; hostA and sends back an acknowledgement,receives the ack but nothing else happensthen sends out another identical request. 

Also, the authorization log shows no signs of hostA access attempts:

Please noteSo that you know, I can successfully ssh into all VMs from either my personal computer or non-Oracle hosts.

I would much appreciate any pointers.

Attempting to connect from hostA to hostB results in a time out:

meanwhile, from the perspective of hostB:

hostB# tcpdump -i any tcp port 22 and 'tcp[tcpflags] & (tcp-syn) != 0' 22:22:11.636059 enp0s3 In IP hostA.48460 > hostB: Flags [S], seq 3085504, win 62720, options [mss 8960,sackOK,TS val 1971650537 ecr 0,nop,wscale 7], length 0 22:22:11.636114 enp0s3 Out IP hostB > hostA.48460: Flags [S.], seq 1406526958, ack 3085505, win 62636, options [mss 8960,sackOK,TS val 2229407192 ecr 1971650537,nop,wscale 7], length 0

Thus, hostB receives packets from hostA and sends back an acknowledgement, but nothing else happens. Also, the authorization log shows no signs of hostA access attempts:

Please note that I can successfully ssh into all VMs from either my personal computer or non-Oracle hosts.

I would much appreciate any pointers

Attempts to connect from hostA to hostB stops here and eventually time out:

Examining tcp packets on either end show the following:

hostA# tcpdump -i any tcp port 22 and host hostB and 'tcp[tcpflags] & (tcp-syn) != 0' 08:04:02.280667 ens3 Out IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010161184 ecr 0,nop,wscale 7], length 0 08:04:02.286807 ens3 In IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267917840 ecr 2010161184,nop,wscale 7], length 0 08:04:03.284668 ens3 Out IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010162189 ecr 0,nop,wscale 7], length 0 08:04:03.290862 ens3 In IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267918844 ecr 2010161184,nop,wscale 7], length 0 
hostB# tcpdump -i any tcp port 22 and host hostA and 'tcp[tcpflags] & (tcp-syn) != 0' 09:04:02.284606 enp0s3 In IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010161184 ecr 0,nop,wscale 7], length 0 09:04:02.284651 enp0s3 Out IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267917840 ecr 2010161184,nop,wscale 7], length 0  09:04:03.288627 enp0s3 In IP hostA.50672 > hostB: Flags [S], seq 1743155524, win 62720, options [mss 8960,sackOK,TS val 2010162189 ecr 0,nop,wscale 7], length 0 09:04:03.288668 enp0s3 Out IP hostB > hostA.50672: Flags [S.], seq 2691905561, ack 1743155525, win 62636, options [mss 8960,sackOK,TS val 2267918844 ecr 2010161184,nop,wscale 7], length 0

The above sequence repeats on both sides about once per second until timeout. My understanding of TCP dumps is limited, but it looks as though hostA's attempt is acknowledged by hostB; hostA receives the ack but then sends out another identical request. 

Also, the authorization log shows no signs of hostA access attempts:

So that you know, I can successfully ssh into all VMs from either my personal computer or non-Oracle hosts.

I would much appreciate any pointers.

details added, based on grawity's comment
Source Link
Giuseppe
Giuseppe
  • 113
  • 5

I manage several Oracle cloud compute instances (all Ubuntu servers) located in different regions.

All VMs have iptables set to allow ingress traffic on port 22, and the same ingress rules are applied to the VCN's security list.

I used to be able to establish connections between hosts (ssh, rsync, scp) but it is getting increasingly difficult as more and more connections between individual hosts fail after timing out. I say increasingly because a connection from hostA (Amsterdam) to hostB (Frankfurt) that was working yesterday no longer works today. The behavior appears to be expanding to more and more hosts (or maybe host pairs?), and I cannot establish a pattern.

Attempting to connect from hostA to hostB results in a time out:

hostA$ ssh -vvv myhosthostB debug1: Connecting to myhosthostB [xx.xx.xx.xx] port 22 debug3: set_sock_tos: set socket 3 IP_TOS 0x10

I say increasingly because a connectionmeanwhile, from HostA (Amsterdam) to HostB (Frankfurt) that was working yesterday no longer works today. The behavior appears to be expanding to more and more hosts (or maybe host pairs?)the perspective of hostB:

hostB# tcpdump -i any tcp port 22 and 'tcp[tcpflags] & (tcp-syn) != 0' 22:22:11.636059 enp0s3 In IP hostA.48460 > hostB: Flags [S], seq 3085504, win 62720, options [mss 8960,sackOK,TS val 1971650537 ecr 0,nop,wscale 7], length 0 22:22:11.636114 enp0s3 Out IP hostB > hostA.48460: Flags [S.], seq 1406526958, ack 3085505, win 62636, options [mss 8960,sackOK,TS val 2229407192 ecr 1971650537,nop,wscale 7], length 0

Thus, hostB receives packets from hostA and I cannot establish a patternsends back an acknowledgement, but nothing else happens. Also, the authorization log shows no signs of hostA access attempts:

hostB# tail -f /var/log/auth.log ...

Please note that I can successfully ssh into all VMs from either my personal computer or non-Oracle hosts.

I would much appreciate any pointers,

I manage several Oracle cloud compute instances (all Ubuntu servers) located in different regions.

All VMs have iptables set to allow ingress traffic on port 22, and the same ingress rules are applied to the VCN's security list.

I used to be able to establish connections between hosts (ssh, rsync, scp) but it is getting increasingly difficult as more and more connections between individual hosts fail after timing out:

ssh -vvv myhost debug1: Connecting to myhost [xx.xx.xx.xx] port 22 debug3: set_sock_tos: set socket 3 IP_TOS 0x10

I say increasingly because a connection from HostA (Amsterdam) to HostB (Frankfurt) that was working yesterday no longer works today. The behavior appears to be expanding to more and more hosts (or maybe host pairs?), and I cannot establish a pattern.

Please note that I can ssh into all VMs from my personal computer or non-Oracle hosts

I would much appreciate any pointers,

I manage several Oracle cloud compute instances (all Ubuntu servers) located in different regions.

All VMs have iptables set to allow ingress traffic on port 22, and the same ingress rules are applied to the VCN's security list.

I used to be able to establish connections between hosts (ssh, rsync, scp) but it is getting increasingly difficult as more and more connections between individual hosts fail after timing out. I say increasingly because a connection from hostA (Amsterdam) to hostB (Frankfurt) that was working yesterday no longer works today. The behavior appears to be expanding to more and more hosts (or maybe host pairs?), and I cannot establish a pattern.

Attempting to connect from hostA to hostB results in a time out:

hostA$ ssh -vvv hostB debug1: Connecting to hostB [xx.xx.xx.xx] port 22 debug3: set_sock_tos: set socket 3 IP_TOS 0x10

meanwhile, from the perspective of hostB:

hostB# tcpdump -i any tcp port 22 and 'tcp[tcpflags] & (tcp-syn) != 0' 22:22:11.636059 enp0s3 In IP hostA.48460 > hostB: Flags [S], seq 3085504, win 62720, options [mss 8960,sackOK,TS val 1971650537 ecr 0,nop,wscale 7], length 0 22:22:11.636114 enp0s3 Out IP hostB > hostA.48460: Flags [S.], seq 1406526958, ack 3085505, win 62636, options [mss 8960,sackOK,TS val 2229407192 ecr 1971650537,nop,wscale 7], length 0

Thus, hostB receives packets from hostA and sends back an acknowledgement, but nothing else happens. Also, the authorization log shows no signs of hostA access attempts:

hostB# tail -f /var/log/auth.log ...

Please note that I can successfully ssh into all VMs from either my personal computer or non-Oracle hosts.

I would much appreciate any pointers

Source Link
Giuseppe
Giuseppe
  • 113
  • 5

Unable to connect between Oracle compute instances

I manage several Oracle cloud compute instances (all Ubuntu servers) located in different regions.

All VMs have iptables set to allow ingress traffic on port 22, and the same ingress rules are applied to the VCN's security list.

I used to be able to establish connections between hosts (ssh, rsync, scp) but it is getting increasingly difficult as more and more connections between individual hosts fail after timing out:

ssh -vvv myhost debug1: Connecting to myhost [xx.xx.xx.xx] port 22 debug3: set_sock_tos: set socket 3 IP_TOS 0x10

I say increasingly because a connection from HostA (Amsterdam) to HostB (Frankfurt) that was working yesterday no longer works today. The behavior appears to be expanding to more and more hosts (or maybe host pairs?), and I cannot establish a pattern.

Please note that I can ssh into all VMs from my personal computer or non-Oracle hosts

I would much appreciate any pointers,