Do you have a question? Post it now! No Registration Necessary. Now with pictures!
November 26, 2008, 6:01 pm
rate this thread
I have an SSH tunnel to a virtual IP. I am forwarding the MySQL
traffic over this. The problem I am having is that after failover the
tunnel exits as soon as I make a test connection using the MySQL
client. I would like the tunnel to stay up and work with the new host
on the other side on failover.
I have tried various things like
I have even tried using the same ssh host RSA and DSA keys on both
I am invoking the tunnel as this:
Heres an example of the error (with obscured values to protect the
$ ssh -N foo@<VIP> -L 7777:127.0.0.1:3306 -o
StrictHostKeyChecking=no ServerAliveInterval=60 TCPKeepAlive=yes
Warning: Permanently added '<VIP>' (RSA) to the list of known hosts.
Read from remote host <VIP>: Connection reset by peer
The connection reset by peer happens after failover when I invoke:
$ mysql -D <database> -h 127.0.0.1 -P 7777 -p
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading
communication packet', system error: 0
Is there some facility within ssh that will help me? My other recourse
is to write a bit of Perl to fork, start the tunnel and restart it on
exiting. I have experimented with another solution using xinetd acting
as a MySQL proxy (see:
but xinetd is probably not well suited to multiple simulateous
connections such as a database-driven website scenario.
- Richard E. Silverman
November 26, 2008, 6:20 pm
Re: SSH Tunnel to a Virtual IP
None of this will help you, because they are properties of an existing SSH
connection. When you repoint the vip at a new host, the SSH connection is
gone. What you would need is a feature in OpenSSH which will
automatically try to re-establish a connection if it fails. There is no
such feature; you will have to do it yourself.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum