Ranganathan, Shobha
2006-Nov-16 00:26 UTC
RE: [Fedora-xen] scp in FC6 + Xen gets stuck in "stalled" stage
Yes . That did it. I am able to copy files using scp. Why does an MTU issue come up in this scenario ? Thanks Shobha -----Original Message----- From: Paul Wouters [mailto:paul@xelerance.com] Sent: Wednesday, November 15, 2006 1:25 PM To: Ranganathan, Shobha Cc: fedora-xen@redhat.com Subject: Re: [Fedora-xen] scp in FC6 + Xen gets stuck in "stalled" stage On Wed, 15 Nov 2006, Ranganathan, Shobha wrote:> I am trying to get scp to work. It gets stuck displaying "stalled" > message.> This happens in the Xen that I built with xen-3.0.3-rc3 which buildsit> with 2.6.16.29 kernel in Fedora Core 6.> I boot into Fedora provided FC6 Xen host and tried scp and it works.Looks more like an MTU isuse. Try using clamping: iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu Otherwise, try pinging with different size packets until it fails, and then use the last successful packet size (eg 1440) to: iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1440 Paul
Paul Wouters
2006-Nov-16 00:49 UTC
RE: [Fedora-xen] scp in FC6 + Xen gets stuck in "stalled" stage
On Wed, 15 Nov 2006, Ranganathan, Shobha wrote:> Yes . That did it. I am able to copy files using scp.Excellent.> Why does an MTU issue come up in this scenario ?I have no idea. I encounter this problem mostly in my support job for Openswan, and then the case is usually an overzealous firewall administrator blocking all icmp packets or overly horrid and cheap DSL/cable network design. There have also been issues in the past with path MTU and IPsec (on both KLIPS and NETKEY). This fix tends to work, at least for tcp. Perhaps this is related to the bridging setup of Xen? Or VLAN tagging? I have no idea. Paul> -----Original Message----- > From: Paul Wouters [mailto:paul@xelerance.com] > Sent: Wednesday, November 15, 2006 1:25 PM > To: Ranganathan, Shobha > Cc: fedora-xen@redhat.com > Subject: Re: [Fedora-xen] scp in FC6 + Xen gets stuck in "stalled" stage > > On Wed, 15 Nov 2006, Ranganathan, Shobha wrote: > > > I am trying to get scp to work. It gets stuck displaying "stalled" > > message. > > > This happens in the Xen that I built with xen-3.0.3-rc3 which builds > it > > with 2.6.16.29 kernel in Fedora Core 6. > > > I boot into Fedora provided FC6 Xen host and tried scp and it works. > > Looks more like an MTU isuse. Try using clamping: > > iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS > --clamp-mss-to-pmtu > > Otherwise, try pinging with different size packets until it fails, and > then use > the last successful packet size (eg 1440) to: > > iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss > 1440 > > Paul >-- Building and integrating Virtual Private Networks with Openswan: http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155