rlucas.net: The Next Generation Rotating Header Image

FIX: SSH or telnet sessions timeout and drop connection on DSL or Cable modem behind NAT router

I use SSH for everything from tunnelling outbound mail in order to avoid port 25 blocks on the freenet providers (such as www.personaltelco.net) to simple terminal sessions.  Also, most all of the time I am hooked up via a DSL or Cable modem with a router in front of it playing NAT tricks to get me to the outside network.  After about an hour (sometimes less) the SSH just hangs; from a Mac OS X terminal session it's just unresponsive and needs to be killed, whereas on PuTTY on Windows, once it realizes the connection is no good it pops up a “Network error: Software caused connection abort” message.  The problem seemed to be worse with DSL from Verizon and Qwest, and seemed to be very mild with AT&T/Comcast cable in Cambridge, 02138 (advice: in Cambridge, you can't go wrong with the Comcast digital cable.  I was getting speeds of (I seem to remember) almost a megabyte per second down and could pull down entire ISOs in minutes; debian net install on an old p233 was disk i/o limited and not network limited by what I could tell.

Happily, the good people at DSL Reports (www.dslreports.com) have put together an FAQ on this subject including some specific configuration options and links to more info:


More on this as I determine if it actually works.

Update: So far, so good; a thunderstorm passing through caused a brief power cycle and that definitely reset the connection, but it seemed to hold otherwise, for example during lunch.  The real test will be leaving terminal sessions overnight.

Update: While looking for info on a superficially related problem, I came across this slashdot thread:


This may also provide some assistance to seekers of info on this topic.  However! importantly, you should also examine the lengthy parenthetical in http://blog.rlucas.net/ancient/info-what-happens-to-ssh-every-21115/ to determine if this is really your problem — the link to a TCP/IP theory page should help you as well.  This caveat is necessary because there are really two opposite problems that both manifest as “dropped ssh terminal sessions:” one, a NAT table on a cable/dsl router could be timing out (which argues for more frequently sending keepalive packets), or two, your connection could be flaking out briefly but coming back up fairly quickly (which argues against sending frequent keepalives).


  1. hank says:

    That’s from ” Dec 31st, 1969″ ??

    Well, it’s still needed advice (sigh).

  2. hank says:

    That’s from ” Dec 31st, 1969″ ??

    Well, it’s still needed advice (sigh).
    But the third link to Harvard Law is not found.

  3. rlucas says:

    Thanks, Hank. I fixed the old link to when the blog was hosted at Harvard. The article I had pointed to now lives at http://blog.rlucas.net/ancient/info-what-happens-to-ssh-every-21115/

  4. thinker says:

    Internet itself came around 1980’s only. This article in 1969 ? something fishy.

  5. rlucas says:

    Possibilities: 1. I used a time machine actually historically to write that article years before the birth of TCP/IP, SSH, or myself. 2. The date on the article has something to do with the Unix epoch and what happens when miserable pseudo-RDBMS monstrosities use “zero” when they mean NULL.

Leave a Reply

Your email address will not be published. Required fields are marked *