Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACE probe keepalive issue

We have a server behind a ace loadbalancer doing sftp and we see constant messages on the server as follows:

Apr 13 10:01:12 nj09mhf5006 sshd[25155]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument

Apr 13 10:01:13 nj09mhf5006 sshd[25168]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument

Apr 13 10:01:17 nj09mhf5006 sshd[25213]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument

Apr 13 10:01:19 nj09mhf5006 sshd[25229]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument

Apr 13 10:01:23 nj09mhf500 sshd[25270]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument

Apr 13 10:01:24 nj09mhf5006 sshd[25288]: [ID 800047 local7.error] error: setsockopt SO_KEEPALIVE: Invalid argument

Does this mean my tcp probe needs tweaking and what should I tweak to? We use a different internal port for ssh and its 22022

This means the SFTP process was trying to enable keep-alives on the connection it received from the loadbalancer, but the loadbalancer is resetting the TCP connection before the SFTP daemon has a chance to write back data to the port on the loadbalancer -- SFTP is likely getting a "connection refused" message from the loadbalancer, since the loadbalancer has already destroyed the connection and no longer has that TCP port open.

my current probe is setup as below:

probe tcp TCP_22022

port 22022

interval 5

passdetect interval 5

1 REPLY
Bronze

Re: ACE probe keepalive issue

In order to resolve this issue you need to set "KeepAlive no" in the sshd_config file.

711
Views
0
Helpful
1
Replies
CreatePlease to create content