ssh over WAN: TCP window too small
Jan Mikkelsen
janm at transactionware.com
Wed Aug 26 23:34:56 UTC 2015
Hi,
> On 26 Aug 2015, at 08:47, Chris Stankevitz <chris at stankevitz.com> wrote:
>
> Hi,
>
> # cat /dev/urandom | ssh root at host 'cat > /dev/null'
>
> I use the above ssh command over a high-BDP WAN link (80 ms @ 100 Mbps). tcpdump shows I am TCP window limited to 64 KBytes (yielding 5 Mbps). iperf with default options gets the window opened to 500 KBytes (yielding 35 Mbps).
Given that you are TCP window limited, do you have something in the middle preventing the windows size negotiation from working? A stateful firewall somewhere, perhaps?
> Both sides of the connection: FreeBSD 10.1 w/default sshd options (except I permit root login). In particular, HPN is not disabled.
>
> Can anyone explain my abysmally small TCP window?
>
> Can anyone recommend some tools/tricks to figure out what in FreeBSD and/or base SSH is limiting the send/recv buffer and/or TCP window?
Regards,
Jan.
More information about the freebsd-net
mailing list