VMware Communities
quinn_jones
Contributor
Contributor
‎06-21-2018 05:44 AM

SSH connections dropped due to QoS flags

I've started running into a problem with outbound SSH connections from a linux guest being dropped as soon as connection is established.  The issue is repeatable and fixable with a kludge that modifies QoS.

The issue manifests itself by dropping the connection immediately after establishing it:

$ ssh $host

packet_write_wait: Connection to $host port 22: Broken pipe

Enabling verbose flags (-v or -vvv) doesn't show anything remarkable.

I've been in contact with my linux distribution's maintainers[1] and they have helped narrow the problem down to an issue with vmnat misbehaving.

Because vmnat do not recognise AF21/CS1 DSCP flags, it'll send back a RST packet (don't know why) immediately upon received any packet having either flags, and finally break all ssh connection. (This happens soon after authentication since IPQoS applies during channel establish) [2]

This is on VMWare Workstation 12 Player, version 12.5.9 build-7535481, running on Win 7 Enterprise.  My guest is running a current Linux kernel (4.9.95) and openssh 7.7_p1-r4 (though it seems like any software that uses QoS will have this problem.)

Setting alternate QoS flags seems to work around the issue, e.g. ssh -o IPQoS=throughput ...

References:

[1] https://forums.gentoo.org/viewtopic-t-1082598.html

[2] https://bugs.gentoo.org/658488#c3

6 Replies
pup_sebaW
Contributor
Contributor
‎09-01-2018 11:45 AM

Thanks for sharing this solution...I was going nuts trying to figure out what was happening 😕

McDime
Contributor
Contributor
‎09-26-2018 02:29 AM

Great. Thank you! You saved my day!

0 Kudos
depping
Leadership
Leadership
‎11-26-2018 05:13 AM

Thanks for sharing that, been trying to fix this issue on my Macbook for weeks now!

OuyangLane
Contributor
Contributor
‎11-27-2018 05:45 PM

I met the same problem: linux - From VMware and Fedora 29 ssh to remote machine cause Broken pipe - Super User

Meanwhile, scp command also have to add -o 'IPQoS=throughput'.

0 Kudos
lkroll
Contributor
Contributor
‎02-18-2019 06:06 AM

Thanks, that helped a lot!

Setting IPQoS=throughput in ~/.ssh/config fixes it for all programs using ssh, as far as I can tell (for example, git).

0 Kudos
rtaheri
VMware Employee
VMware Employee
‎03-16-2019 01:06 PM

I have also been having this problem for a while. What's peculiar is that it only affects an ssh session from my MacBook Pro laptop (when I am home) connecting to my work iMac

  • I can ssh into all my lab VMs on various hosts on the internal VMware network with no problems. It is just the iMac that drops the connection immediately
  • I can do something like "ssh rtaheri@XXX date", and it works just fine. It just cannot run a shell. I can even do an "scp" with no problems
  • I can ssh into my iMac from my testbed VMs with no problems. It is just the MBP-> iMac that's problematic
  • Just to make sure, I removed the .ssh directory on both ends, and ran "ssh -o IPQoS=throughput". Still no luck

I am running Mojave 10.14.3 on both ends

My only recourse right now is doing an ssh into a lab VM, then ssh into my iMac, which feels really weird !

Thanks,
Reza

0 Kudos