Debian Bug report logs - #926229
New QoS defaults break systems running on VMWare

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Christian Ehrhardt <christian.ehrhardt@canonical.com>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: New QoS defaults break systems running on VMWare

Date: Tue, 2 Apr 2019 12:27:47 +0200

Package: openssh-client
Version: 1:7.9p1-9
X-Debbugs-CC: cjwatson@debian.org

This is related, but not the same as [1] and about the new defaults in
regard to QoS.
Due to upstream change [2] the new defaults now mean that ssh is
broken if connecting to (or through) a system running on VMWare.

More details can be found on the Ubuntu bug [3] where this was
reported initially.
As [1] I'd ask for a revert of that change until iptables (for [1]),
vmware (for this bug) and others if identified later will be fixed
(the actual issue is in those components, so sooner or later this
should no more be needed to be reverted).

Final FYI - Fedora [4] took the decision to force the issue by
sticking with the new default.
After all the "workaround" is user controllable being:

Configure your client to use the old defaults permanently in
=> /etc/ssh/ssh_config
Host *
    IPQoS lowdelay throughput
# You might want to limit to your VMware based systems

Or per command via:
 $ ssh IPQoS="latency throughput" user@host

I thought it is better to file it to make you aware of this extra
context to [1] so that you can consider those two requests to revert
[2] together.

[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923879
[2]: https://anongit.mindrot.org/openssh.git/commit/?id=5ee8448ad7c306f05a9f56769f95336a8269f379
[3]: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1822370
[4]: https://bugzilla.redhat.com/show_bug.cgi?id=1624437#c8

-- 
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd

Message #10 received at 926229@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: Christian Ehrhardt <christian.ehrhardt@canonical.com>, 926229@bugs.debian.org

Cc: debian-devel@lists.debian.org

Subject: Re: Bug#926229: New QoS defaults break systems running on VMWare

Date: Tue, 2 Apr 2019 12:32:52 +0100

On Tue, Apr 02, 2019 at 12:27:47PM +0200, Christian Ehrhardt wrote:
> This is related, but not the same as [1] and about the new defaults in
> regard to QoS.
> Due to upstream change [2] the new defaults now mean that ssh is
> broken if connecting to (or through) a system running on VMWare.
> 
> More details can be found on the Ubuntu bug [3] where this was
> reported initially.
> As [1] I'd ask for a revert of that change until iptables (for [1]),
> vmware (for this bug) and others if identified later will be fixed
> (the actual issue is in those components, so sooner or later this
> should no more be needed to be reverted).
> 
> Final FYI - Fedora [4] took the decision to force the issue by
> sticking with the new default.
> After all the "workaround" is user controllable being:
> 
> Configure your client to use the old defaults permanently in
> => /etc/ssh/ssh_config
> Host *
>     IPQoS lowdelay throughput
> # You might want to limit to your VMware based systems
> 
> Or per command via:
>  $ ssh IPQoS="latency throughput" user@host

If it were just the VMware issue, then my inclination would be to leave
OpenSSH as it is: it's proprietary software and the only leverage we
have to get them to fix it is to have their customers complaining.
However, the iptables issue in #923879 seems thornier and it's outside
my field of expertise.

I'm slightly leaning towards reverting this on a temporary basis for
buster, but CCing debian-devel: does anyone have opinions on this?

> I thought it is better to file it to make you aware of this extra
> context to [1] so that you can consider those two requests to revert
> [2] together.
> 
> [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923879
> [2]: https://anongit.mindrot.org/openssh.git/commit/?id=5ee8448ad7c306f05a9f56769f95336a8269f379
> [3]: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1822370
> [4]: https://bugzilla.redhat.com/show_bug.cgi?id=1624437#c8

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]

Message #15 received at 926229@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: Christian Ehrhardt <christian.ehrhardt@canonical.com>, 926229@bugs.debian.org, debian-devel@lists.debian.org

Subject: Re: Bug#926229: New QoS defaults break systems running on VMWare

Date: Mon, 8 Apr 2019 11:17:53 +0100

On Tue, Apr 02, 2019 at 12:32:52PM +0100, Colin Watson wrote:
> If it were just the VMware issue, then my inclination would be to leave
> OpenSSH as it is: it's proprietary software and the only leverage we
> have to get them to fix it is to have their customers complaining.

A VMware employee popped up on
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1822370 and
reports that this has been fixed in as-yet-unreleased versions of VMware
Workstation and Fusion.

> However, the iptables issue in #923879 seems thornier and it's outside
> my field of expertise.
> 
> I'm slightly leaning towards reverting this on a temporary basis for
> buster, but CCing debian-devel: does anyone have opinions on this?

After a bit of private conversation about this and due to the lack of
movement on the iptables bug, I'm indeed going to revert this on a
temporary basis for buster, and review later.

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]

Message #18 received at 926229-submitter@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 926229-submitter@bugs.debian.org

Subject: Bug #926229 in openssh marked as pending

Date: Mon, 08 Apr 2019 10:33:43 +0000

Control: tag -1 pending

Hello,

Bug #926229 in openssh reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/ssh-team/openssh/commit/3d05afd871dd7b44ae567776f2773acc874a63f8

------------------------------------------------------------------------
Temporarily revert IPQoS defaults to pre-7.8 values

This is just until issues with "iptables -m tos" and VMware have been
fixed.

Closes: #923879, #926229
LP: #1822370
------------------------------------------------------------------------

(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/926229

Message #25 received at 926229-close@bugs.debian.org (full text, mbox, reply):

From: Colin Watson <cjwatson@debian.org>

To: 926229-close@bugs.debian.org

Subject: Bug#926229: fixed in openssh 1:7.9p1-10

Date: Mon, 08 Apr 2019 10:49:54 +0000

Source: openssh
Source-Version: 1:7.9p1-10

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 926229@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 08 Apr 2019 11:13:04 +0100
Source: openssh
Architecture: source
Version: 1:7.9p1-10
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Closes: 923879 926229
Changes:
 openssh (1:7.9p1-10) unstable; urgency=medium
 .
   * Temporarily revert IPQoS defaults to pre-7.8 values until issues with
     "iptables -m tos" and VMware have been fixed (closes: #923879, #926229;
     LP: #1822370).
Checksums-Sha1:
 63e0bffc771c0a2d8be9e5c8b906f5ed263d2e52 3165 openssh_7.9p1-10.dsc
 f4f2fb7f92f7f5aa9bef9d2c5864dc8c1cc92cbe 172960 openssh_7.9p1-10.debian.tar.xz
 4dc7f1bbc1d3bcaa3c8d6e9411cd6c1ea02855d3 14678 openssh_7.9p1-10_source.buildinfo
Checksums-Sha256:
 88d06343d14fad5f72c2d2594b1f108fdcc1967ed7bff7e6e5668e78547ede01 3165 openssh_7.9p1-10.dsc
 d726560e4f437c0385d88a9c06562fe9659646f060574da96a7bd8981113391f 172960 openssh_7.9p1-10.debian.tar.xz
 17e56b2b06f468cd67c3d901535b1a37cdb15fe6319901eb63ee7df1d0acd78c 14678 openssh_7.9p1-10_source.buildinfo
Files:
 c5a99c5d0e7372a6fd5239882df2e2a7 3165 net standard openssh_7.9p1-10.dsc
 e18fb0283d208658441996acec990b65 172960 net standard openssh_7.9p1-10.debian.tar.xz
 736b73b53908af17520514c4f130f29c 14678 net standard openssh_7.9p1-10_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAlyrHsgACgkQOTWH2X2G
UAtCCg/+NS3xHYQlZR1s+/3nCzfIbw/6DOeC+V341WfFPODbRcKRja9Bblzq+wJN
/bOpgcocT0oK8xyBRT055a2ehDml5jWi7A2jhAvwb92FKi0sJhC6rXLJXi99BXNA
3GIGzuGWEMSHmIRdcT+zpY+EyfdGzAdolA4v4xyQZPXdLEFRb17Qlro4DyKsX36P
c1lYw9ydwLB4C7b7zJudq0Xj3edlyv/dzN3i8wxGQIZUq3UW4re8H1ql2rcaQwFB
qWRWb8VDKYTBd62kaJlqGZVWdAibuSfW7FfY7xg1XgCAYxpAbAdL8bueH5uvDt5i
ITKZEi7fh4/kYFwX9SvdKCUMo4vGqZOGebnPUs9gUuXx5IblzZZ5UpmtRHLbvbVy
zrRvpXgG+sr70zgCReYmE9X2tx7yIq6zBI+JE2vNrvGuNl1C8s4XF1vF8yjebA5k
Mc2hDh2Kfr62AaQ0/LDwpgk4ypyID/4VzmsydZzDJj1gbnVhB2G7pjCnB3cnkv4x
6DHnNiplaRiN3gkBhKJB1A5Kam3n+fxI1M5T2PkozHzI7lDzyq6wgqKZCNp8KypF
4wnns2X5ddrt42WZNpvXob4USFJozNHnJFgU0qI/oNUwE5HjBN9V+++SWkRclgnm
dUNkIeYK7Pxeu8yT4dRs63LmvB15NrOF2M35P/525bn3uXJEEHs=
=Q4+q
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.