Solved

Mysterious loss of telnet session connections

Posted on 2002-06-27
7
471 Views
Last Modified: 2013-12-27
Got Solaris 8 (with latest 8_Recommended patches) running on a Sun Blade 100.  Mysterious thing is that on this box only (there are a couple other nearly identical machines where I don't have this problem), I'm having a very hard time keeping idle telnet sessions open.  Once left unattended, the telnet session abruptly disconnects after somewhere between 10 minutes and 5 hours of idle time.  I haven't been able to pinpoint what causes the variance in time, but it definitely happens each time even though the actual timing is inconsistent.

The users in question have /bin/sh as their shell and no TIMEOUT or similar environment variable set.

Any suggestions as to why these sessions are being disconnected and how to trace back the cause of the disconnect?  Happens when directly connected to the machine via the local ethernet segment, remote connection via dialup and via VPN.
0
Comment
Question by:tphipps
  • 3
  • 2
  • 2
7 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7113373
Solaris has a TCP-timeout for idle connections which is 2 hours, usually. Not shure if this applies to Solaris 8 too.
0
 
LVL 38

Accepted Solution

by:
yuzh earned 100 total points
ID: 7115487
Check the /etc/saf/zsmon/_pmtab file to see if timeout is set, you can delete the timeout entry (make a backup of the
file before you use vi to cahnge it.

Here' some infor about the file format:


/etc/saf/*/_pmtab:

  {svc_tag}:{flags}:{id}:reserved:reserved:reserved:
  {device_path}:{tty_flags}:{return_count}:{service_path}:{timeout_seconds}:
  {tty_def}:{streamio_modules}:{login_prompt}:{disabled_msg}:{term_type}:
  {softcar_yn}:# {comment}

/etc/saf/_smtab:

  {pm_tag}:{pm_type}:{flags}:{restart_count}:{monitor_path args} # comment

   
0
 

Author Comment

by:tphipps
ID: 7115829
Thanks for the suggesions yuzh.

My /etc/saf/zsmon/_pmpipe file only references the hardwired serial ports /dev/ttya and /dev/ttyb.  It doesn't reference any of the pseudo ttys created for telnet sessions.  I was under the assumption that entries in this file are only for physically connected devices.  Am I wrong?  Should I try to create entries for the pts/n devices?

Here's my contents of the file

# VERSION=1
ttya:u:root:reserved:reserved:reserved:/dev/term/a:I::/usr/bin/login::9600:ldter
m,ttcompat:ttya login\: ::tvi925:y:#
ttyb:u:root:reserved:reserved:reserved:/dev/term/b:I::/usr/bin/login::9600:ldter
m,ttcompat:ttyb login\: ::tvi925:y:#
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 38

Expert Comment

by:yuzh
ID: 7120877
It looks like the timeout is set in somewhere else on your system, please don't edit the /etc/saf/*/_pmtab. We'll try
to find the source of the configuration setting.

Have a look at your /etc/default/login file for the shell timeout, if you see
TIMEOUT=300  (or other value), comment it out, and then reboot your system, see how it goes.

 

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7121278
> .. then reboot your system,
This is UNIX, not M$. You don't need to reboot ;-)
0
 

Author Comment

by:tphipps
ID: 7121298
I think I've solved this.  It appears to be two different factors:

1) Whe connected to the machine (it's at home) from work, the dropped sessions can be blamed on a 600 second idle TCP timeout that our firewall seems to have in place for all outbound sessions.

2) When connected to the machine from home on the local segment, the dropped connections can most often be traced back to VPN connect/disconnects.  It seems that about 50% of the time I initiate a VPN (Cisco VPN client) connection, it drops existing TCP connections to local hosts.

Thanks all for the suggions. Giving points to yuzh given that I learned a lot about the /etc/saf* tree in the process!
0
 

Author Comment

by:tphipps
ID: 7121299
Thanks Yuzh... This wasn't the solution, but some good info.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now