We have a server behind a ace loadbalancer doing sftp and we see constant messages on the server as follows:
Apr 13 10:01:12 nj09mhf5006 sshd[25155]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument
Apr 13 10:01:13 nj09mhf5006 sshd[25168]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument
Apr 13 10:01:17 nj09mhf5006 sshd[25213]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument
Apr 13 10:01:19 nj09mhf5006 sshd[25229]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument
Apr 13 10:01:23 nj09mhf500 sshd[25270]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument
Apr 13 10:01:24 nj09mhf5006 sshd[25288]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument
Does this mean my tcp probe needs tweaking and what should I tweak to? We use a different internal port for ssh and its 22022
This means the SFTP process was trying to enable keep-alives on the connection it received from the loadbalancer, but the loadbalancer is resetting the TCP connection before the SFTP daemon has a chance to write back data to the port on the loadbalancer -- SFTP is likely getting a "connection refused" message from the loadbalancer, since the loadbalancer has already destroyed the connection and no longer has that TCP port open.
my current probe is setup as below:
probe tcp TCP_22022
port 22022
interval 5
passdetect interval 5