Problems with SCP stalling during file copy over VPNHow to make scp copy hidden files?“Corrupted MAC on input. Packet Corrupt” on file transfer over SSH, SCP, and FTP on Linux ServerCan scp copy directories recursively?Use scp to copy a file to different serversfile transfer with ssh pipe; without scpscp cannot transfer file?SCP copy windows local file to linux remote folderscp to copy file to remote server fails because of permissionsSCP Unable to copy from server with Private KeySCP Changing text file contents
How can this tool find out registered domains from an IP?
Is it expected that a reader will skip parts of what you write?
Which languages would be most useful in Europe at the end of the 19th century?
Compiling C files on Ubuntu and using the executable on Windows
Alternate way of computing the probability of being dealt a 13 card hand with 3 kings given that you have been dealt 2 kings
You have (3^2 + 2^3 + 2^2) Guesses Left. Figure out the Last one
A IP can traceroute to it, but can not ping
How to hide an urban landmark?
How did old MS-DOS games utilize various graphic cards?
Winning Strategy for the Magician and his Apprentice
With Ubuntu 18.04, how can I have a hot corner that locks the computer?
Longest bridge/tunnel that can be cycled over/through?
Fixing obscure 8080 emulator bug?
How is John Wick 3 a 15 certificate?
Inward extrusion is not working
Extreme flexible working hours: how to control people and activities?
Meaning of 'lose their grip on the groins of their followers'
Medieval flying castle propulsion
CROSS APPLY produces outer join
How can I end combat quickly when the outcome is inevitable?
Why can my keyboard only digest 6 keypresses at a time?
Is it legal for a bar bouncer to confiscate a fake ID
Does a scale have more than seven chords?
Are there any important biographies of nobodies?
Problems with SCP stalling during file copy over VPN
How to make scp copy hidden files?“Corrupted MAC on input. Packet Corrupt” on file transfer over SSH, SCP, and FTP on Linux ServerCan scp copy directories recursively?Use scp to copy a file to different serversfile transfer with ssh pipe; without scpscp cannot transfer file?SCP copy windows local file to linux remote folderscp to copy file to remote server fails because of permissionsSCP Unable to copy from server with Private KeySCP Changing text file contents
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I have a series of files I need to copy via SCP over a VPN to a remote linux server each night. The files are not large, we're talking about tens of megabytes here, but the file copy almost always stalls after a few seconds. Running the SCP command with -vvv, I see the following over and over throughout the attempted copy process:
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
Any thoughts? I see this question being asked in various places out there, but never any answers. Any help would be appreciated.
linux ssh vpn scp
asked Mar 8 '10 at 21:32
MattCMattC
2371211
add a comment |
I have a series of files I need to copy via SCP over a VPN to a remote linux server each night. The files are not large, we're talking about tens of megabytes here, but the file copy almost always stalls after a few seconds. Running the SCP command with -vvv, I see the following over and over throughout the attempted copy process:
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
Any thoughts? I see this question being asked in various places out there, but never any answers. Any help would be appreciated.
linux ssh vpn scp
asked Mar 8 '10 at 21:32
MattCMattC
2371211
I have experienced similar things many times, though I don't have anything that does it reliably right now. It might be interesting to see if hpn-ssh would make a difference.
– sfink
Mar 9 '10 at 7:12
add a comment |
I have a series of files I need to copy via SCP over a VPN to a remote linux server each night. The files are not large, we're talking about tens of megabytes here, but the file copy almost always stalls after a few seconds. Running the SCP command with -vvv, I see the following over and over throughout the attempted copy process:
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
Any thoughts? I see this question being asked in various places out there, but never any answers. Any help would be appreciated.
linux ssh vpn scp
asked Mar 8 '10 at 21:32
MattCMattC
2371211
I have a series of files I need to copy via SCP over a VPN to a remote linux server each night. The files are not large, we're talking about tens of megabytes here, but the file copy almost always stalls after a few seconds. Running the SCP command with -vvv, I see the following over and over throughout the attempted copy process:
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
debug2: channel 0: rcvd adjust 131072
Any thoughts? I see this question being asked in various places out there, but never any answers. Any help would be appreciated.
linux ssh vpn scp
linux ssh vpn scp
asked Mar 8 '10 at 21:32
MattCMattC
2371211
asked Mar 8 '10 at 21:32
MattCMattC
2371211
asked Mar 8 '10 at 21:32
MattCMattC
2371211
asked Mar 8 '10 at 21:32
MattCMattC
2371211
asked Mar 8 '10 at 21:32
MattCMattC
2371211
2371211
I have experienced similar things many times, though I don't have anything that does it reliably right now. It might be interesting to see if hpn-ssh would make a difference.
– sfink
Mar 9 '10 at 7:12
add a comment |
I have experienced similar things many times, though I don't have anything that does it reliably right now. It might be interesting to see if hpn-ssh would make a difference.
– sfink
Mar 9 '10 at 7:12
I have experienced similar things many times, though I don't have anything that does it reliably right now. It might be interesting to see if hpn-ssh would make a difference.
– sfink
Mar 9 '10 at 7:12
I have experienced similar things many times, though I don't have anything that does it reliably right now. It might be interesting to see if hpn-ssh would make a difference.
– sfink
Mar 9 '10 at 7:12
add a comment |
5 Answers
5
active
oldest
votes
Are you allowing ICMP through the VPN? "TCP connection stalls after a few seconds" often translates to "PMTU black hole".
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
2
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
2
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
add a comment |
Similar to @Gerald's response this page http://www.netheaven.com/pmtu.html gives a good explanation of MTU Discovery and the options when facing this issue.
Also a whitepaper by Cisco that discusses IP Fragmentation, MTU Discovery, and MSS all pertaining to IPSec VPN tunnels but is equally valid for similar situations. http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
add a comment |
Are you running the latest version of whatever ssh servers and clients you're using? I'd also recommend hitting their email lists on this as it seems rather obscure.
answered Mar 9 '10 at 1:19
Mark CMark C
1334
add a comment |
We had similar spurios problems with scp to some Linux servers (Debian, 2.6.24-etchnhalf).
We were able to do away with the stalls by disabling the TCP variable tcp_sack ("tcp selective acknowledgements") on the remote servers:
sysctl -w net.ipv4.tcp_sack=0
On Debian, tcp_sack is enabled by default. If I read http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html, it should make no sense to disable this option, but in our case, it helped.
You can make this change permanent by adding a line net.ipv4.tcp_sack=0 to /etc/sysctl.conf (on other Linux systems YMMV).
answered Sep 7 '10 at 14:39
flightflight
249312
add a comment |
find out your Path MTU
ping -M do -s 1472 host.domain
PING host.domain (10.0.0.1) 1472(1500) bytes of data.
ping: sendmsg: Message too long
ping: local error: Message too long, mtu=1196
^C
ping -M do -s 1168 host.domain
PING host.domain (10.0.0.1) 1168(1196) bytes of data.
1176 bytes from 10.0.0.1: icmp_seq=1 ttl=60 time=283 ms
^Cset up that MTU for your network connection
ip link set eth0 mtu 1196(note that this is temporary)
answered May 22 at 19:40
törzsmókustörzsmókus
1325
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f120505%2fproblems-with-scp-stalling-during-file-copy-over-vpn%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
Are you allowing ICMP through the VPN? "TCP connection stalls after a few seconds" often translates to "PMTU black hole".
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
2
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
2
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
add a comment |
Are you allowing ICMP through the VPN? "TCP connection stalls after a few seconds" often translates to "PMTU black hole".
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
2
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
2
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
add a comment |
Are you allowing ICMP through the VPN? "TCP connection stalls after a few seconds" often translates to "PMTU black hole".
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
Are you allowing ICMP through the VPN? "TCP connection stalls after a few seconds" often translates to "PMTU black hole".
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
answered Sep 7 '10 at 16:58
Gerald CombsGerald Combs
5,8161833
5,8161833
2
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
2
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
add a comment |
2
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
2
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
2
2
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
so few understand icmp PMTU discovery :-(
– The Unix Janitor
Aug 29 '12 at 14:53
2
2
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
That sounds interesting, but is not totally clear. Could you elaborate on what exactly is going wrong, and how to fix it?
– Craig McQueen
May 23 '17 at 4:32
add a comment |
Similar to @Gerald's response this page http://www.netheaven.com/pmtu.html gives a good explanation of MTU Discovery and the options when facing this issue.
Also a whitepaper by Cisco that discusses IP Fragmentation, MTU Discovery, and MSS all pertaining to IPSec VPN tunnels but is equally valid for similar situations. http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
add a comment |
Similar to @Gerald's response this page http://www.netheaven.com/pmtu.html gives a good explanation of MTU Discovery and the options when facing this issue.
Also a whitepaper by Cisco that discusses IP Fragmentation, MTU Discovery, and MSS all pertaining to IPSec VPN tunnels but is equally valid for similar situations. http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
add a comment |
Similar to @Gerald's response this page http://www.netheaven.com/pmtu.html gives a good explanation of MTU Discovery and the options when facing this issue.
Also a whitepaper by Cisco that discusses IP Fragmentation, MTU Discovery, and MSS all pertaining to IPSec VPN tunnels but is equally valid for similar situations. http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
Similar to @Gerald's response this page http://www.netheaven.com/pmtu.html gives a good explanation of MTU Discovery and the options when facing this issue.
Also a whitepaper by Cisco that discusses IP Fragmentation, MTU Discovery, and MSS all pertaining to IPSec VPN tunnels but is equally valid for similar situations. http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
edited Aug 30 '12 at 14:36
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
answered Aug 29 '12 at 13:07
jjcf89jjcf89
17014
17014
add a comment |
add a comment |
Are you running the latest version of whatever ssh servers and clients you're using? I'd also recommend hitting their email lists on this as it seems rather obscure.
answered Mar 9 '10 at 1:19
Mark CMark C
1334
add a comment |
Are you running the latest version of whatever ssh servers and clients you're using? I'd also recommend hitting their email lists on this as it seems rather obscure.
answered Mar 9 '10 at 1:19
Mark CMark C
1334
add a comment |
Are you running the latest version of whatever ssh servers and clients you're using? I'd also recommend hitting their email lists on this as it seems rather obscure.
answered Mar 9 '10 at 1:19
Mark CMark C
1334
Are you running the latest version of whatever ssh servers and clients you're using? I'd also recommend hitting their email lists on this as it seems rather obscure.
answered Mar 9 '10 at 1:19
Mark CMark C
1334
answered Mar 9 '10 at 1:19
Mark CMark C
1334
answered Mar 9 '10 at 1:19
Mark CMark C
1334
answered Mar 9 '10 at 1:19
Mark CMark C
1334
1334
add a comment |
add a comment |
We had similar spurios problems with scp to some Linux servers (Debian, 2.6.24-etchnhalf).
We were able to do away with the stalls by disabling the TCP variable tcp_sack ("tcp selective acknowledgements") on the remote servers:
sysctl -w net.ipv4.tcp_sack=0
On Debian, tcp_sack is enabled by default. If I read http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html, it should make no sense to disable this option, but in our case, it helped.
You can make this change permanent by adding a line net.ipv4.tcp_sack=0 to /etc/sysctl.conf (on other Linux systems YMMV).
answered Sep 7 '10 at 14:39
flightflight
249312
add a comment |
We had similar spurios problems with scp to some Linux servers (Debian, 2.6.24-etchnhalf).
We were able to do away with the stalls by disabling the TCP variable tcp_sack ("tcp selective acknowledgements") on the remote servers:
sysctl -w net.ipv4.tcp_sack=0
On Debian, tcp_sack is enabled by default. If I read http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html, it should make no sense to disable this option, but in our case, it helped.
You can make this change permanent by adding a line net.ipv4.tcp_sack=0 to /etc/sysctl.conf (on other Linux systems YMMV).
answered Sep 7 '10 at 14:39
flightflight
249312
add a comment |
We had similar spurios problems with scp to some Linux servers (Debian, 2.6.24-etchnhalf).
We were able to do away with the stalls by disabling the TCP variable tcp_sack ("tcp selective acknowledgements") on the remote servers:
sysctl -w net.ipv4.tcp_sack=0
On Debian, tcp_sack is enabled by default. If I read http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html, it should make no sense to disable this option, but in our case, it helped.
You can make this change permanent by adding a line net.ipv4.tcp_sack=0 to /etc/sysctl.conf (on other Linux systems YMMV).
answered Sep 7 '10 at 14:39
flightflight
249312
We had similar spurios problems with scp to some Linux servers (Debian, 2.6.24-etchnhalf).
We were able to do away with the stalls by disabling the TCP variable tcp_sack ("tcp selective acknowledgements") on the remote servers:
sysctl -w net.ipv4.tcp_sack=0
On Debian, tcp_sack is enabled by default. If I read http://www.frozentux.net/ipsysctl-tutorial/chunkyhtml/tcpvariables.html, it should make no sense to disable this option, but in our case, it helped.
You can make this change permanent by adding a line net.ipv4.tcp_sack=0 to /etc/sysctl.conf (on other Linux systems YMMV).
answered Sep 7 '10 at 14:39
flightflight
249312
answered Sep 7 '10 at 14:39
flightflight
249312
answered Sep 7 '10 at 14:39
flightflight
249312
answered Sep 7 '10 at 14:39
flightflight
249312
249312
add a comment |
add a comment |
find out your Path MTU
ping -M do -s 1472 host.domain
PING host.domain (10.0.0.1) 1472(1500) bytes of data.
ping: sendmsg: Message too long
ping: local error: Message too long, mtu=1196
^C
ping -M do -s 1168 host.domain
PING host.domain (10.0.0.1) 1168(1196) bytes of data.
1176 bytes from 10.0.0.1: icmp_seq=1 ttl=60 time=283 ms
^Cset up that MTU for your network connection
ip link set eth0 mtu 1196(note that this is temporary)
answered May 22 at 19:40
törzsmókustörzsmókus
1325
add a comment |
find out your Path MTU
ping -M do -s 1472 host.domain
PING host.domain (10.0.0.1) 1472(1500) bytes of data.
ping: sendmsg: Message too long
ping: local error: Message too long, mtu=1196
^C
ping -M do -s 1168 host.domain
PING host.domain (10.0.0.1) 1168(1196) bytes of data.
1176 bytes from 10.0.0.1: icmp_seq=1 ttl=60 time=283 ms
^Cset up that MTU for your network connection
ip link set eth0 mtu 1196(note that this is temporary)
answered May 22 at 19:40
törzsmókustörzsmókus
1325
add a comment |
find out your Path MTU
ping -M do -s 1472 host.domain
PING host.domain (10.0.0.1) 1472(1500) bytes of data.
ping: sendmsg: Message too long
ping: local error: Message too long, mtu=1196
^C
ping -M do -s 1168 host.domain
PING host.domain (10.0.0.1) 1168(1196) bytes of data.
1176 bytes from 10.0.0.1: icmp_seq=1 ttl=60 time=283 ms
^Cset up that MTU for your network connection
ip link set eth0 mtu 1196(note that this is temporary)
answered May 22 at 19:40
törzsmókustörzsmókus
1325
find out your Path MTU
ping -M do -s 1472 host.domain
PING host.domain (10.0.0.1) 1472(1500) bytes of data.
ping: sendmsg: Message too long
ping: local error: Message too long, mtu=1196
^C
ping -M do -s 1168 host.domain
PING host.domain (10.0.0.1) 1168(1196) bytes of data.
1176 bytes from 10.0.0.1: icmp_seq=1 ttl=60 time=283 ms
^Cset up that MTU for your network connection
ip link set eth0 mtu 1196(note that this is temporary)
answered May 22 at 19:40
törzsmókustörzsmókus
1325
answered May 22 at 19:40
törzsmókustörzsmókus
1325
answered May 22 at 19:40
törzsmókustörzsmókus
1325
answered May 22 at 19:40
törzsmókustörzsmókus
1325
1325
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f120505%2fproblems-with-scp-stalling-during-file-copy-over-vpn%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
I have experienced similar things many times, though I don't have anything that does it reliably right now. It might be interesting to see if hpn-ssh would make a difference.
– sfink
Mar 9 '10 at 7:12