I''m using Fedora Core 4. I need to create an ssh port forwarding tunnel to my xen0 domain when my xenU domain starts up, so I added this to the xenU''s /etc/rc.d/rc.local: ssh -v -f -L 5500:localhost:5501 xen0_ip tail -f /dev/null This causes my VM to pause for about 3 minutes during boot. Furthermore, the ssh tunnel never gets created. The ssh command is stalling at "Connecting to (xen0_IP) port 22" I have null-passphrase authentication keys working, so I can execute the tunnel manually after I log in. So why won''t the tunnel work before I log in? When I try the same trick on the bare-metal host machine and ssh to a different physical machine, it works fine: no 3-minute stall and the ssh tunnel is created fine. So what is it about Xen or my xenU domain that breaks ssh before login, but not after login? And what is it about Xen or my xenU domain that breaks ssh before login, while it works fine for a physical host? Thanks for any thoughts, Stephen Brueckner, ATC-NY _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Thu, 15 Dec 2005, Steve Brueckner wrote:> I''m using Fedora Core 4. I need to create an ssh port forwarding tunnel to > my xen0 domain when my xenU domain starts up, so I added this to the xenU''s > /etc/rc.d/rc.local: > > ssh -v -f -L 5500:localhost:5501 xen0_ip tail -f /dev/null > > This causes my VM to pause for about 3 minutes during boot. Furthermore, > the ssh tunnel never gets created. The ssh command is stalling at > "Connecting to (xen0_IP) port 22" > > I have null-passphrase authentication keys working, so I can execute the > tunnel manually after I log in. So why won''t the tunnel work before I log > in?ssh is pretty paranoid. It probably knows the difference between this non-interactive login and an interactive one... so it might not be attempting this. Can you run the same commands from a script or a cron job on the same box? Other things to check are your logs on the target machine to see if ssh is even getting as far as establishing a connection. DNS ... which _should_ be fine, since rc.local is generally the last thing to run, etc... _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Tom Brown wrote:> On Thu, 15 Dec 2005, Steve Brueckner wrote: > >> I''m using Fedora Core 4. I need to create an ssh port forwarding >> tunnel to my xen0 domain when my xenU domain starts up, so I added >> this to the xenU''s /etc/rc.d/rc.local: >> >> ssh -v -f -L 5500:localhost:5501 xen0_ip tail -f /dev/null >> >> This causes my VM to pause for about 3 minutes during boot. >> Furthermore, the ssh tunnel never gets created. The ssh command is >> stalling at "Connecting to (xen0_IP) port 22" >> >> I have null-passphrase authentication keys working, so I can execute >> the tunnel manually after I log in. So why won''t the tunnel work >> before I log in? > > ssh is pretty paranoid. It probably knows the difference between this > non-interactive login and an interactive one... so it might not be > attempting this. Can you run the same commands from a script or a > cron job on the same box? > > Other things to check are your logs on the target machine to see if > ssh is even getting as far as establishing a connection. DNS ... > which _should_ be fine, since rc.local is generally the last thing to > run, etc...Well since it works from rc.local bewteen non-Xen boxes, I don''t think it''s ssh''s fault. I tried adding a wget command into rc.local also, and wget fails with: Resolving download.fedora.redhat.com... Failed: Host not found. So I''m starting to think maybe Xen doesn''t bring up the network until after login or something along those lines. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
on Thu, Dec 15, 2005 at 01:38:29PM -0500, Steve Brueckner (steve@atc-nycorp.com) wrote:> I''m using Fedora Core 4. I need to create an ssh port forwarding tunnel to > my xen0 domain when my xenU domain starts up, so I added this to the xenU''s > /etc/rc.d/rc.local: > > ssh -v -f -L 5500:localhost:5501 xen0_ip tail -f /dev/null > > This causes my VM to pause for about 3 minutes during boot. Furthermore, > the ssh tunnel never gets created. The ssh command is stalling at > "Connecting to (xen0_IP) port 22"It would be useful to see what''s happening on the remote (well, local) server side. Check sshd''s logs, and/or run it manually in debug mode and watch its output as the connection is being attempted: sshd -ddDe <ctrl>-c to exit when done.> I have null-passphrase authentication keys working, so I can execute the > tunnel manually after I log in. So why won''t the tunnel work before I log > in? > > When I try the same trick on the bare-metal host machine and ssh to a > different physical machine, it works fine: no 3-minute stall and the ssh > tunnel is created fine.A three-minute timeout sounds suspiciously like a network timeout. rc.local runs _after_ all other rc scripts, so networking should be up and running. You might want to ammend your script to check networking status, _before_ the ssh command is executed: ifconfig; route -n; ping localhost Check also that /etc/hosts has a proper localhost entry.> So what is it about Xen or my xenU domain that breaks ssh before > login, but not after login? And what is it about Xen or my xenU > domain that breaks ssh before login, while it works fine for a > physical host?Logs and debug output would be helpful here. Cheers. -- Karsten M. Self <karsten@xensource.com> XenSource, Inc. 2300 Geng Road #250 +1 650.798.5900 x259 Palo Alto, CA 94303 +1 650.493.1579 fax _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
on Thu, Dec 15, 2005 at 01:58:22PM -0500, Steve Brueckner (steve@atc-nycorp.com) wrote:> Tom Brown wrote: > > On Thu, 15 Dec 2005, Steve Brueckner wrote: > > > >> I''m using Fedora Core 4. I need to create an ssh port forwarding > >> tunnel to my xen0 domain when my xenU domain starts up, so I added > >> this to the xenU''s /etc/rc.d/rc.local: > >> > >> ssh -v -f -L 5500:localhost:5501 xen0_ip tail -f /dev/null > >> > >> This causes my VM to pause for about 3 minutes during boot. > >> Furthermore, the ssh tunnel never gets created. The ssh command is > >> stalling at "Connecting to (xen0_IP) port 22" > >> > >> I have null-passphrase authentication keys working, so I can execute > >> the tunnel manually after I log in. So why won''t the tunnel work > >> before I log in? > > > > ssh is pretty paranoid. It probably knows the difference between this > > non-interactive login and an interactive one... so it might not be > > attempting this. Can you run the same commands from a script or a > > cron job on the same box? > > > > Other things to check are your logs on the target machine to see if > > ssh is even getting as far as establishing a connection. DNS ... > > which _should_ be fine, since rc.local is generally the last thing to > > run, etc... > > Well since it works from rc.local bewteen non-Xen boxes, I don''t think > it''s ssh''s fault. I tried adding a wget command into rc.local also, and > wget fails with: > > Resolving download.fedora.redhat.com... Failed: Host not found. > > So I''m starting to think maybe Xen doesn''t bring up the network until > after login or something along those lines.What''s your nameserver configuration? Try in rc.local: dig download.fedora.redhat.com ... and post output. Cheers. -- Karsten M. Self <karsten@xensource.com> XenSource, Inc. 2300 Geng Road #250 +1 650.798.5900 x259 Palo Alto, CA 94303 +1 650.493.1579 fax _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users