ssh port forwarding and long delays

Hi all.

I retrieve and send email by tunneling through ssh like so:
ssh -l myusername -L5110:my.remote.server:110 -L5025:my.remote.server:25 my.remote.server

This, as you can guess, gives me a shell on my.remote.server and opens
local port 5110, which it tunnels to port 110 on the remote machine, and
local port 5025, which it tunnels to port 25 on the remote machine.

If I turn on the default firewall config in SuSE 9.0, the tunneled
connections take very long to get established (3-4 minutes before I see
the POP3 server prompt).

To clarify... Whether the firewall is turned on or off, my initial SSH
connection to the remote machine gets established just fine and I get
the remote shell instantly. But when an application on my local machine
requests a connection to 5110 or 5025, if the firewall is turned on it
takes very long before it is connected to the equivalent port on the
remote machine.

Does anyone know where the problem might be?

Any help much appreciated...

Re: ssh port forwarding and long delays

You didn't say which machine you're setting the firewall on (client?
server? intermediate router?), or how it is restricting traffic.  The
symptoms suggest a secondary problem, e.g. sshd/SMTP server/POP server
doing a DNS reverse lookup, reverse ident connection, etc. which is being
blocked by the firewall and timing out before your connection succeeds.
Use a network tracer (e.g. tcpdump) to see what's going on.

  Richard Silverman
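
An added example, not part of the original thread: one way to read a capture for the two symptoms named in the reply above, a connection attempt to the ident port (113) that is silently dropped and a reverse-DNS (PTR) query that never gets a reply. The function name find_unanswered, the sample lines and all addresses are constructed for illustration, and the parser assumes the text format printed by a current `tcpdump -n -tt`.

```python
import re
from collections import defaultdict

# Constructed `tcpdump -n -tt` output (modern text format); all addresses are
# documentation-range placeholders, not values from the thread.
SAMPLE = """\
100.000000 IP 192.0.2.10.40001 > 198.51.100.5.22: Flags [P.], seq 1:49, ack 1, win 501, length 48
100.050000 IP 198.51.100.5.51000 > 192.0.2.10.113: Flags [S], seq 7, win 5840, length 0
103.050000 IP 198.51.100.5.51000 > 192.0.2.10.113: Flags [S], seq 7, win 5840, length 0
109.050000 IP 198.51.100.5.51000 > 192.0.2.10.113: Flags [S], seq 7, win 5840, length 0
121.050000 IP 198.51.100.5.51000 > 192.0.2.10.113: Flags [S], seq 7, win 5840, length 0
121.500000 IP 192.0.2.10.33000 > 192.0.2.53.53: 4242+ PTR? 5.100.51.198.in-addr.arpa. (43)
121.520000 IP 192.0.2.53.53 > 192.0.2.10.33000: 4242 1/0/0 PTR host.example. (60)
"""

LINE = re.compile(r"^(\d+\.\d+) IP (\S+) > (\S+): (.*)$")

def find_unanswered(capture):
    """Return sorted (kind, src, dst, attempts, seconds) for probes with no reply."""
    pending = defaultdict(list)   # (kind, src, dst, dns_id) -> send timestamps
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, src, dst, rest = float(m[1]), m[2], m[3], m[4]
        flags = re.match(r"Flags \[([^\]]+)\]", rest)
        dns_id = re.match(r"\d+", rest)
        if flags and flags[1] == "S":                    # bare SYN: connection attempt
            pending[("tcp-syn", src, dst, None)].append(ts)
        elif flags and flags[1] in ("S.", "R", "R."):    # SYN-ACK or RST answers it
            pending.pop(("tcp-syn", dst, src, None), None)
        elif dns_id and dst.endswith(".53") and " PTR? " in rest:
            pending[("dns-ptr", src, dst, dns_id[0])].append(ts)
        elif dns_id and src.endswith(".53"):             # any reply with the same id
            pending.pop(("dns-ptr", dst, src, dns_id[0]), None)
    return sorted((kind, src, dst, len(t), round(t[-1] - t[0], 3))
                  for (kind, src, dst, _), t in pending.items())

if __name__ == "__main__":
    for kind, src, dst, attempts, secs in find_unanswered(SAMPLE):
        print(f"{kind}: {src} > {dst} unanswered, {attempts} attempts over {secs}s")
```

A SYN that is retransmitted with growing gaps and never answered points to a firewall rule that drops the packet; a rule that rejects it produces an immediate RST, which the function treats as answered because the caller fails fast instead of waiting for a timeout.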
