0

I'm running into an issue that has me scratching my head a bit and can't seem to find the right information online to clear things up for me. networking has never been strongest subject, but hopefully, I'm reaching out to the right people for some guidance.

My setup is farely simple, I have 1 client windows laptop that I use to SSH into a linux sever on the same network. Additionally, the laptop uses port forwarding for vnc.

The issue I have is that, just today, I discovered that my internet quality seems to negatively affect my SSH connection (Bad Internet = bad ssh). I began randomly receiving disconnent errors when connecting to my server (network failure software caused abort). I've tried adjusting my tcp keepalives, but it still drops out.

From my limited network understanding, since they are on the same network then any information sent/received from the client doesn't even make it all way down the stack and just looks at the destination IP and reroutes to the server's local IP. Is that a fair over-simplification? So, doesn't this sort of behave like a WLAN and should be independent of internet quality?

If not, would I be able to make it independent of internet using the same router and not disrupt the existing network (other people use this wifi)?

The goal is to to achieve a stable ssh connection on a WLAN that's performance is independent of internet speed. Also, the server doesn't necessarily need access to the internet but my laptop defenitely will (while connected to the server).

Any input would be greatly appreciated.

Thank you

UPDATE 1: After running "mtr -4b google.com" from my linux server, I see the following performance metrics:

enter image description here

Is there any red flags here? or is this typical?

Improve this question
2
  • How do you know "bad Internet" is the cause? Maybe it's a result of your home router not keeping up or something; and "bad SSH" is also a result. Correlation does not imply causation. I'm not trying to belittle your problem; I'm saying the title "Bad Internet causes …" may be a false premise. Commented Aug 17, 2021 at 6:51
  • @KamilMaciorowski Yes, that is true. I will think of a better way to phrase it as I understand more about what's happening. Please see my update, does those numbers mean anything to you? As in, does anything stand out? Commented Aug 17, 2021 at 17:26

1 Answer 1

Reset to default
0

"1 client windows laptop that I use to SSH into a linux server on the same network."

So, the problems manifest when you are connected to the Internet, even if your server and your client do not use Internet.

If this is so (if I misunderstood this, this answer is worthless), then the most likely cause is that your SSHd server is swamped by brute-force attempts from the Internet, that interfere with your own client connecting. If this is so, the problems ought to only verify when connecting, not during the connection itself. I had this happen to me on several different machines, more than once.

If the latter happens (problems during a SSH session, rather than establishing it), then someone is probably trying (and at least partially succeeding) in interfering with your Internet router, for example trying to intercept connections to your server (which, of course, disconnects your client) or reducing bandwidth/resources on the server to the point that it can't keep up the SSH connection or flooding the local network with broken packets. This all, however, seems unlikely to me. You can check it out broadly using any traffic monitoring software, such as iptraf or iftop.

For the brute force problem, check the logs (syslog and auth) to see whether this is actually the case. You can then configure the firewall, use something like fail2ban, or tune the ssh configuration.

Improve this answer
6
  • Or as mentioned by KamilMaciorowski in comments, the router is shot and as a consequence, overall networking is as well. Commented Aug 17, 2021 at 11:08
  • "even if your server and your client do not use Internet." - Yes, it does appear that way, but as @Kamil Maciorowski said, "Correlation does not imply causation". I ran a test frrom my linux machine using "mtr -4b google.com" and it seem to show that I'm experience significant packet loss ? I'm not certain how to interpret this information, but i'm seeing up to 54% packet on some IP, is that abnormal? Commented Aug 17, 2021 at 17:20
  • @Ginnungagap I've added an update with the test numbers, could this point me in a direction of the potential problem? Commented Aug 17, 2021 at 17:27
  • 1
    It would be more interesting to see the packet loss when trying to reach local devices, high packet loss there can be a symptom of a bad cable, bad router, or bad device. Try seeing the packet loss when trying to reach your router if packet loss to a local dive is high. Commented Aug 17, 2021 at 17:30
  • @Ginnungagap Ok, I'll give that a shot. Do you happen to know if mtr has an option to isolate the packet loss to the router or perhaps wireshark? I can try to see how others have done it Commented Aug 17, 2021 at 17:37

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.