SSH port forwarding is holding forwarded port in CLOSE_WAIT

[David Konerding]

Hi,

After you close a SSH window that has a port forwarding, the forwarded port remains in CLOSE_WAIT for a while.  I think you are not calling close() on the socket associated with the port forward.

Repro:

create an SSH configuration with a port forward

open the connection

verify the port forward works

close the window

sudo netstat -tanp | grep <port>

will show the port is in CLOSE_WAIT.

[Robert Ginda]

Thanks for the report, I filed http://code.google.com/p/chromium-os/issues/detail?id=35642 to track this issue.

Rob.

[Dmitry Polukhin]

Hi David,

I'm investigating your defect report. I almost reproduced this behavior but I see that normal Linux ssh has the same behavior and the port is in TIME_WAIT state so it doesn't prevent you using forwarded port again. Please notice that port in TIME_WAIT state is not the port that SSH listen to but it is stream port that was created for incoming connection.

When forwarded port is actively used:

tcp        0      0 127.0.0.1:8022          0.0.0.0:*               LISTEN      23528/chrome    

tcp        0      0 127.0.0.1:43966         127.0.0.1:8022          TIME_WAIT   -               

After closing tab:

tcp        0      0 127.0.0.1:43966         127.0.0.1:8022          TIME_WAIT   -               

Do you observe any problem due to this stale port? What are you OS, Chrome and Secure Shell versions?

    Thanks,
    Dmitry

[David Konerding]

Yes.  The problem I observe is that, if you have an open SSH connection with a port forward, and you reload or close the window and try to re-establish the SSH connection with a port forward, you get the error

"port 2222 is already bound", or something like that, and port 2222 will not act as a port forward.  If I wait a minute until the TIME_WAIT port is cleaned up, then re-establish SSH, it's OK.

So I always have to wait a minute.  This is a problem on my laptop since the old ssh session is often hung after exit sleep mode.

[Dmitry Polukhin]

It is strange because I was able to close tab/refresh and immediately after that enable port forward without any delay. Perhaps it is somehow sleep related. In general code in Chrome closes all sockets when render process for the tab is gone. What are your OS and Chrome versions?

I tested it on Linux with Chrome 22.0.1229.94. Perhaps it is OS specific.

[David Konerding]

OK.  I've got a machine which is in exactly this state right now.  Let me capture all the data I can:

Chrome 23.0.1271.52 beta

Running on Ubuntu Precise

Secure Shell beta

Was just unsuspended

SSH was connected to a remote host, with the port forwarding -L 2222:localhost:22

with the "hung" SSH window (presumably, the SPDYProxy TCP connection has broken), I see:

tcp        0      0 127.0.0.1:2222          0.0.0.0:*               LISTEN      17571/chrome    

tcp        0      0 127.0.0.1:2222          127.0.0.1:58079         ESTABLISHED 17571/chrome    

tcp        0      0 127.0.0.1:58079         127.0.0.1:2222          ESTABLISHED 31874/nxssh     

as soon as I close the window:

tcp        0      0 127.0.0.1:58079         127.0.0.1:2222          TIME_WAIT 31874/nxssh     

If I try to open another ssh session with that forward, I get "Cannot bind port 2222"

Note: I tried to reproduce this, and it's not easy.  It seems like you have to leave the laptop suspended for a long time for the SPDYProxy connection to get wedged.