cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
383
Views
1
Helpful
1
Replies

SSH doesn't work, then 1 minute later SSH works. Why?

Hello.

I try to Putty SSH into a geographically distant 2960x , IOS 15.2(6r)E, it times out.

I tracert via Windows CLI, success.

I ping via Windows CLI, success.

Pinging 172.16. with 32 bytes of data:
Reply from 172.16. bytes=32 time=26ms TTL=253
Reply from 172.16. bytes=32 time=23ms TTL=253
Reply from 172.16. bytes=32 time=30ms TTL=253
Reply from 172.16. bytes=32 time=23ms TTL=253

Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 30ms, Average = 25ms

Again I try to Putty SSH , now it succeeds. (This symptom is intermittent with a few boxes.)

Why did the SSH connection never connect at all (timeout) on the 1st attempt?

Thank you.

1 Reply 1

pieterh
VIP
VIP

without more detail, it is only guessing.
draw a diagram of all the devices in between your path

first: each router in the path needs to reach the next-hop router
if the MAC address of this next-hop is not in the ARP cache an ARP request must performed to determine the MAC adress
only after this step (Layer-2 in the OSI) the TCP/IP packet can me forwarded (Layer-3)
depending on how many routers do NOT have the next hop cached the delay increases
after the ping and traceroute tests, all ARP caches are up-to-date and the SSH connection can succeed in a timely manner

second if there is a VPN-connection in between then this may need to be dynamically established before packets are forwarded through the tunnel

you could consider to increase your SSH timeout values, but best to leave them at default

Review Cisco Networking for a $25 gift card