#StackBounty: #linux #ssh #firewall #docker #redis ssh connection timed out, why sudo service sshd restart resolves it?

Bounty: 50

I have a little tricky behavior I can’t explain. I have a virtual machine running Ubuntu 18.04.4, `docker` 19.03.6 and a `redis` container. Hosted on a `Windows 2019` Hyper-V machine.

There’s a second virtual machine (same network but different physical server) running W2k19 and a redis-client connecting to the redis instance.

Due to bad configuration, from time to time redis overwhelms the Ubuntu machine, using too much memory and producing thousands of *connection timed out* exceptions in the redis-client.

When this happens, all connections between machines stop working. If I try to connect via ssh from the W2k19 machine to Ubuntu or using telnet from the same machine on any port, I get a *connection timed out*.

It is as if something on the Linux machine did an auto ban of the IP address of the W2k19 machine. From any other machine I can connect via ssh, telnet and so on.

  • Ufw is turned off
  • We don’t have fail2ban installed
  • iptables is configured with all ports open

But we still can’t connect. We reproduced the behavior on another machine, a second VM with W2k19 and the same redis-client.

What we found would reestablish the connections between those machines was a restart of the ssh service on the Ubuntu machine combined with a reboot of the W2k19 machine.

Just the single `sudo service sshd restart` is not enough, and just a reboot of the W2k19 machine is not enough. I can’t figure out what’s going on, and we cannot accept as a standard procedure in these cases to restart the ssh service and reboot the machine.

But so far we have not been able to figure out what rule/configuration whatsoever is blocking the connections. It probably has something to do with the ssh service, since restarting it does contribute to restoring the connections, but how?

And why is restarting the ssh service (and rebooting the W2k19 machine) actually unblocking the connection to the redis 6379 port?
