ssh tunnelling painfully slow

[NewIT_Marcus]

I have performed a simple test on an Ubuntu desktop and sheevaplug within the local network.

On the Ubuntu PC:

Code:

ssh -L 8888:www.google.co.uk:80 root@192.168.1.222 -N

192.168.1.222 is the address of my Sheevaplug, in my local network.

Now, when I point the browser on my Ubuntu PC to http://localhost:8888/ I see instead http://www.google.co.uk/ . There is a delay of less than 1 second for the page to be displayed.

That is my understanding of what tunnelling is - a connection to one PC / port that is seamlessly routed through another PC / port. (In this case, from port 8888 on the desktop PC to www.google.co.uk, via ssh on a Sheevaplug).

I have not replicated your tests, but you haven't explained all the relevant factors of your procedure. If ssh / tunnelling works in a simple test, but not in a more complex test, then the problem lies in one of the layers of complexity.

You should simplify your test, and build upon it until you hit a problem. At that point, you can be confident that your most recent change introduced that problem.

Right now, it seems to me that you are using several pieces of software on one or more PCs, finding that it doesn't work the way you expect, and pointing the finger at the Sheevaplug. There are plenty other links in the chain; the operating system of your desktop PC(s), your DNS configuration etc.

The simple test that I have performed demonstrates that a Sheevaplug can perform this kind of tunnelling. If you can replicate this test, please do so. Then you can move on to eliminate the other links in your chain, as possible causes of the problem that you are reporting.

[zaxx]

I found this thread while searching for a solution to the same problem on my Sheevaplug. I have managed to correct the problem.

On the Sheevaplug execute "cat /etc/resolv.conf"

If your setting is not correct in here it will cause problems, for example on mine (domain name changed to ensure illusion of privacy) resolve.conf said:

domain MyDomain.com
search Mydomain.com
nameserver 1.2.3.4 (value provided by internet service provider)

After some investigation of the data from wireshark I noticed the following:

- Google Chrome & Firefox correctly forward all dns queries through the ssh tunnel
- Internet explorer never forwards DNS queries through the tunnel

While monitoring using wireshark I found that Internet explorer would get the IP of the remote web-site from the local domain and then use the tunnel to transfer the data packets. Since that is the only difference between a failed Chrome use of the tunnel and the successful Internet Explorer use, I realized that must be the problem.

In order to fix the issue I opened up the web admin on my dd-wrt router and enabled the DNS Server. To do this I followed the instructions posted here:
http://www.dd-wrt.com/wiki/index.php/DNSMasq_as_DHCP_server

Once I reconfigured the router and rebooted the sheevaplug (could just bring the network up and down but I am working remotely, so a reboot it is). After the reboot the resolv.conf file shows the following:

domain mydomain
search mydomain
nameserver 173.23.1.1 (this is the IP address of my router/gateway)

Now after reestablishing the ssh tunnel, I found that Google Chrome is able to successfully complete DNS queries. The tunnel is now working correctly.

I hope this helps you get your sheevaplug working.


Also as an aside, if you are using Google Chrome disable "Use DNS pre-fetching to improve page load performance"

DNS pre-fetching does not make use of the proxy tunnel configuration and therefore it will reveal the domain name of any sites you are visiting. Just something to watch out for.

Good-luck
Zaxx

[alex_c]

hi @ all

have you considert that you up/downloading over many different ways?

also the hardware slows the whole thing down


i use myself a tunnel and its not very fast

but i also have to consider that

<<>>
mobile(hsdpa)>tunnel> Router >Plug> Router>internet>plug>router>mobile
<<>>

with so many different connection speeds has to slow down the traffic