Can't connect ssh in TPG nbn

chrisltg01
Level 2

Just moved home and installed TPG NBN (previously using Telstra ADSL).

When I try to ssh to an AWS EC2 server, it always fails. (It works well on Telstra ADSL.)

packet_write_wait: Connection to xx.xx.xx.xx port 22: Broken pipe

Has anyone encountered a similar problem?

Thanks.

Chris

david64
Level 12

Hi @chrisltg01 . You are using a ssh client on remote device to connect to ssh server on your home computer?

Having made the change to NBN, have you set up DDNS and port forwarding on your new router?

The ip address in the log matches the hostname you are using. There is a ssh server at that ip address; it is version 7.4.

Are you familiar with packet capture software? Wireshark or Tcpdump.

Have you looked on the internet for this problem? Search on: packet_write_wait broken pipe

chrisltg01
Level 2

Hi David,

Here is exactly what I want to do:

sudo ssh -nNT ec2-user@dev-bastion.xxx.com -i ~/keys/bastion_dev.pem -L 5434:xxx-dev-aurora-postgresql-2.xxx.rds.amazonaws.com:5432

I am using a bastion to connect to a remote database (port 5432) from my local computer (port 5434). After that command is executed, the command below works to connect to the db from the local computer.

psql -U masteruser -p 5434 -h 127.0.0.1

I did not set up DDNS; the screenshot is below.

All commands still work when I connect to another network (Telstra ADSL), but they do not work on TPG.

Thanks.

Chris

david64
Level 12

@chrisltg01 . DDNS is used if you have a server and people need to connect directly to it from the internet. It seems that you start a ssh session between your local computer (port 5434) and Bastion as an intermediary. Bastion starts a session to the remote database at the port number (5432) and host name in the command. Data flows between remote database and local computer through Bastion. So it doesn't matter what your public ip address is nor if it changes. Also, port forwarding is not needed because no-one connects in.

Is my understanding correct?

Can you check on the ADSL router whether port forwarding is used?

Is port 5434 on the local computer open? Required for the psql command.

Is the ssh command still getting the Broken pipe error? I can't think how an NBN connection for your home computer would differ from an ADSL connection. What is the ping response time from your local computer to Bastion on NBN compared to ADSL?

chrisltg01
Level 2

Hi David,

On ADSL, when I executed the command below,

sudo ssh -vvtnNT ec2-user@52.65.43.206 -i ~/keys/bastion_dev.pem -L 5434:dev-database-xxxxxx.amazonaws.com:5432

I got the contents below,

After that, if I execute the following, the db can be connected.

psql -U masteruser postgres -p 5434 -h 127.0.0.1
Password for user masteruser:
psql (13.0 (Ubuntu 13.0-1.pgdg18.04+1), server 10.14)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.

postgres=>

From my point of view there is no specific setting on ADSL, since I use the default settings on Telstra ADSL and TPG NBN.

Thanks.

Chris

chrisltg01
Level 2

Executed the command below on TPG NBN,

sudo ssh -vvtnNT ec2-user@52.65.43.206 -i ~/keys/bastion_dev.pem -L 5434:dev-database-xxxxxx.amazonaws.com:5432

It hangs there after the steps below.

Then after several minutes, there is

packet_write_wait: Connection to xx.xx.xx.xx port 22: Broken pipe

david64
Level 12

@chrisltg01 . I don't know what ssh is doing at the point it stops on TPG. 

What is the router model you have for Telstra ADSL? Is uPnP enabled on it? (Disabled by default on VR1600)

Do you have packet capture software (Wireshark, Tcpdump) on your computer?

chrisltg01
Level 2

@david64, uPnP is enabled on my TPG by default; it is a tp-link vx420-g2v.

My local computer is Windows WSL2,


$ cat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.5 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.5 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

tcpdump is installed.

$ tcpdump --version
tcpdump version 4.9.3
libpcap version 1.8.1
OpenSSL 1.1.1 11 Sep 2018

david64
Level 12

@chrisltg01 . Can you use Tcpdump to capture network traffic in each case? Capture to separate files. Copy and paste the text output of Tcpdump into your reply. You may have to trim the output depending on how long it is. In the TPG case, the trace will stop at the point the debug stops, so the last several data packets. In the ADSL case, from the same point as TPG but continue on to the end. Wanting to see what the client sends in the TPG case and what comes back in the ADSL case.
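
The comparison requested in the post above (what the client sends where the session stalls, versus what comes back when it works) can be done mechanically on `tcpdump -n` text output. This is an added example, not part of the original thread: both traces are constructed samples with made-up addresses, and `summarize` is a hypothetical helper name.

```python
import re
from collections import Counter

# Matches one TCP line of `tcpdump -n` text output (IPv4).
LINE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\S+) > (?P<dst>[^:]+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+)(?::(?P<end>\d+))?)?(?:, ack (?P<ack>\d+))?.* length (?P<len>\d+)")

def summarize(trace, server):
    """Summarize one capture; server is 'ip.port' as tcpdump prints it."""
    sent = Counter()   # (seq, end) of client data segments -> times seen
    highest_ack = 0    # highest relative ack number the server returned
    from_server = 0    # server packets seen after the handshake
    last_ts = None
    for line in trace.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        last_ts = m["ts"]
        if "S" in m["flags"]:
            continue   # SYN/SYN-ACK carry absolute sequence numbers; skip them
        if m["dst"] == server and m["end"]:
            sent[(int(m["seq"]), int(m["end"]))] += 1
        elif m["src"] == server:
            from_server += 1
            highest_ack = max(highest_ack, int(m["ack"] or 0))
    return {
        "from_server": from_server,
        "retransmitted": sorted(s for s, n in sent.items() if n > 1),
        "unacked": sorted(s for s in sent if s[1] > highest_ack),
        "last_packet": last_ts,
    }

# Constructed sample traces (not from the thread); addresses are made up.
C, S = "192.168.1.10.51000", "203.0.113.10.22"
COMMON = f"""\
10:00:00.000000 IP {C} > {S}: Flags [S], seq 1000, win 64240, length 0
10:00:00.030000 IP {S} > {C}: Flags [S.], seq 5000, ack 1001, win 26883, length 0
10:00:00.031000 IP {C} > {S}: Flags [P.], seq 1:42, ack 1, win 502, length 41
10:00:00.062000 IP {S} > {C}: Flags [P.], seq 1:22, ack 42, win 210, length 21
10:00:00.063000 IP {C} > {S}: Flags [P.], seq 42:642, ack 22, win 502, length 600
"""
WORKING = COMMON + f"10:00:00.093000 IP {S} > {C}: Flags [.], ack 642, win 232, length 0\n"
STALLED = COMMON + (f"10:00:00.300000 IP {C} > {S}: Flags [P.], seq 42:642, ack 22, win 502, length 600\n"
                    f"10:00:00.800000 IP {C} > {S}: Flags [P.], seq 42:642, ack 22, win 502, length 600\n")

if __name__ == "__main__":
    for name, trace in (("working", WORKING), ("stalled", STALLED)):
        print(name, summarize(trace, S))
```

A non-empty `unacked` list that also appears under `retransmitted` marks the client segment the server never acknowledged, which is the point to line up against the last line of the `ssh -vv` debug output.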

david64
Level 12

@chrisltg01 . Any update? Interested to know if you have solution.