RHEL: Other TCP connnections stall on TX side when sss_ssh_knownhostsproxy is used

Solution In Progress - Updated -

Issue

  • With 'ProxyCommand set to /usr/bin/sss_ssh_knownhostsproxy -p %p %h' in the /etc/ssh/ssh_config file mysql connection will be blocked by 14 rsync connections. and the error msg is:
    ERROR 2013 (XX000): Lost connection to MySQL server at 'reading authorization packet', system error: 0.
  • Without the 'ProxyCommand set in /etc/ssh/ssh_config the mysql connection can be worked as normal.
    • The ProxyCommand directive will force rsync connections through the /usr/bin/sss_ssh_knownhostsproxy program rather than just through the ssh layer:
# ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h
  • This can also affect other TCP connections that set IP_TOS to 0x8.

Environment

  • Red Hat Enterprise Linux 7
    • 3.10.0-229.el7
    • Same behaviour in 3.10.0-514.27.1.el7
  • MySQL
  • Or any other TCP program
  • Interface has a root qdisc of mq

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In