[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: [Fedora-xen] scp in FC6 + Xen gets stuck in "stalled" stage



On Wed, 15 Nov 2006, Ranganathan, Shobha wrote:

> Yes . That did it. I am able to copy files using scp.

Excellent.

> Why does an MTU issue come up in this scenario ?

I have no idea. I encounter this problem mostly in my support job
for Openswan, and then the case is usually an overzealous firewall
administrator blocking all icmp packets or overly horrid and cheap
DSL/cable network design. There have also been issues in the past with
path MTU and IPsec (on both KLIPS and NETKEY).

This fix tends to work, at least for tcp. Perhaps this is related
to the bridging setup of Xen? Or VLAN tagging? I have no idea.

Paul

> -----Original Message-----
> From: Paul Wouters [mailto:paul xelerance com]
> Sent: Wednesday, November 15, 2006 1:25 PM
> To: Ranganathan, Shobha
> Cc: fedora-xen redhat com
> Subject: Re: [Fedora-xen] scp in FC6 + Xen gets stuck in "stalled" stage
>
> On Wed, 15 Nov 2006, Ranganathan, Shobha wrote:
>
> > I am trying to get scp to work. It gets stuck displaying "stalled"
> > message.
>
> > This happens in the Xen that I built with xen-3.0.3-rc3 which builds
> it
> > with 2.6.16.29 kernel in Fedora Core 6.
>
> > I boot into Fedora provided   FC6 Xen host and tried scp and it works.
>
> Looks more like an MTU isuse. Try using clamping:
>
> iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS
> --clamp-mss-to-pmtu
>
> Otherwise, try pinging with different size packets until it fails, and
> then use
> the last successful packet size (eg 1440) to:
>
> iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss
> 1440
>
> Paul
>

-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]