Bug 1262245 - ssh failback to ipv4 a long time
Summary: ssh failback to ipv4 a long time
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh
Version: 23
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jakub Jelen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-09-11 09:15 UTC by Mikhail
Modified: 2015-09-14 06:49 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-09-14 06:49:03 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
screenshot (214.56 KB, image/png)
2015-09-11 09:15 UTC, Mikhail
no flags Details

Description Mikhail 2015-09-11 09:15:17 UTC
Created attachment 1072498 [details]
screenshot

Description of problem:
My server sy24.ru uses both ipv4 and ipv6 protocols.
When I use domain name as host, ssh try use ipv6 protocol first, but when my ISP have some troubles with ipv6, I have to wait a long time when ssh automatically go to ipv4.

Modern browsers make it immediately.

I want here that ssh use less timeout for failback to ipv4, or use both protocols in parallel.

$ ssh synergy-demo -vvv
OpenSSH_7.1p1, OpenSSL 1.0.2d-fips 9 Jul 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to sy24.ru [2a02:c200:1:10:2:2:5208:1] port 22.
debug1: connect to address 2a02:c200:1:10:2:2:5208:1 port 22: Connection timed out
debug1: Connecting to sy24.ru [213.136.82.171] port 22.
debug1: Connection established.

Comment 1 Jakub Jelen 2015-09-11 12:40:13 UTC
There is option ConnectTimeout in ssh_config, which should suit for your needs. Please let me know it it works for you. I don't have ISP with IPv6 troubles.

It should work for you in this way for 10s timeout:
$ ssh synergy-demo -vvv -oConnectTimeout=10

or you can store it in your global /etc/ssh/ssh_config as a line

ConnectTimeout 10

Comment 2 Mikhail 2015-09-13 22:42:47 UTC
Thanks, it helps.
With this option timeout can be decreased to 1 sec.

Do not you think that necessary to reduce the default timeout? Or make a more intelligent algorithm as in browsers.

Comment 3 Jakub Jelen 2015-09-14 06:49:03 UTC
I don't think so. Default timeout is none, which will rely on the TCP timeout. This is usually the best when you don't have any information about network infrastructure (default).

Setting the limit too low can make connection over high latency network fail. This is not something you want by default, but if you know what are you doing, it can be useful tuning for your setup.


Note You need to log in before you can comment on or make changes to this bug.