Posts tagged SSH

Findings

The developers of SSH have recognised that it is the application that should request the QoS required from the underlying layers.

In the case of SSH they have recognized that SSH supports two different traffic groups on a session by session basis, so if you are using an interactive ssh session the application will request a DSCP value that can be configured in the ssh_config file. The use of SCP as a session will mean that a different configurable DSCP marking will be applied.

By default ssh sessions are configured for “low delay” and SCP for “throughput”.

Now comes the problem.

The current versions ignore the option set in the config files effectively making the default settings no better than “hard coded”.

Implementation

I have reluctantly decided that while this issue remains in the application; I have no way forward than to use the mangle tables of IP Tables to mark the traffic based on socket number.

I will provide a full list of my IP tables mangle options in another post.