Bug 42332 - "Starting Broker ... Disconnected from Mac ... An error occurred while closing underlying channel. Error code: 10054 ... An existing connection was forcibly closed by the remote host" when Mac build host is connected to a VPN with Cisco AnyConnect
Summary: "Starting Broker ... Disconnected from Mac ... An error occurred while closin...
Alias: None
Product: Visual Studio Extensions
Classification: Xamarin
Component: XMA ()
Version: 4.1.0 (C7)
Hardware: PC Windows
: Normal normal
Target Milestone: Future Cycle
Assignee: mag@xamarin.com
Depends on:
Reported: 2016-07-01 21:33 UTC by Brendan Zagaeski (Xamarin Team, assistant)
Modified: 2017-07-19 13:28 UTC (History)
7 users (show)

Is this bug a regression?: No
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.

Please create a new report for Bug 42332 on Developer Community if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: Developer Community HTML
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.
Related Links:

Description Brendan Zagaeski (Xamarin Team, assistant) 2016-07-01 21:33:04 UTC
"Starting Broker ... Disconnected from Mac ... An error occurred while closing underlying channel. Error code: 10054 ... An existing connection was forcibly closed by the remote host" when Mac build host is connected to a VPN with Cisco AnyConnect

## Regression status: most likely _not_ a regression at least as far back as the original SSH build host connection in Cycle 6

## Suspected environmental factors required to replicate

1. Install "Cisco AnyConnect" VPN software on the Mac build host running OS X 10.11 El Capitan [1].  (Testing this bug will likely require some research about how to get a license for Cisco AnyConnect.)

2. Connect to a VPN using "Cisco AnyConnect".

3. Run Windows 10 in VMWare Fusion [2] on the Mac build host.  Use the "Share with my Mac" network settings (NAT).

4. In the Xamarin connection dialog in Visual Studio [3], enter the IP address of the Mac build host by hand to attempt to connect [4].

[1] Note that the reporting user started seeing the issue after updating to OS X 10.11 from OS X 10.10.  That is an interesting bit of information, but I suspect it might be mostly a "lucky coincidence" that the problem did not happen on OS X 10.10.

[2] The reporting user has VMWare Fusion Pro 8.1.

[3] The reporting user has Visual Studio 2015 Enterprise.

[4] The results are the same when the user attempts to connect via the Bonjour list or via direct IP address.  Using the direct IP address cuts down on the number of variables involved in the test.

## Additional environment notes

The user checked the output of `sudo pfctl -sa` on the Mac to see if "Cisco AnyConnect" might be adding any `pf` rules.  That command showed that `pf` was not enabled at all.

## BAD Results (with Cisco AnyConnect VPN connected)

- The connection closes approximately 9 seconds after XamarinVS attempts to start the Broker (excerpts from the `*Ide.log` file):

> Xamarin.Messaging.VisualStudio.MessagingService Information: 0 : [2016-05-13 10:07:39.2564] Starting Broker in port 57571...

> System.Net.Mqtt.TcpChannel Warning: 0 : [2016-05-13 10:07:48.8846] The TCP Network Stream has completed sending bytes. The observable sequence will be completed and the channel will be disposed

> Xamarin.Messaging.Client.Ssh.SshCommandRunner Information: 0 : [2016-05-13 10:07:49.1627] MacServer State transition from SshConnectingState to DisconnectedState ...

- As expected based on the `*Ide.log` file, the `system.log` file from the Mac build host shows nothing unusual about the SSH authentication process.  The SSH authentication process succeeds, and when the connection closes, the `system.log` file shows the standard message for a disconnect.

- Running the Broker command by hand over `ssh` via the MSYS version of OpenSSH that is packaged in Git for Windows [5] succeeds.  Example successful command line:

> ssh user@ "/Library/Frameworks/Mono.framework/Versions/Current/bin/mono Library/Caches/Xamarin/XMA/Broker/ 53863 1234 2016-05-12__12_34_56"

[5] https://git-for-windows.github.io/

- Based on a packet capture of the network traffic between the Mac build host and the Windows VM, it looks like the Windows side is sending the first FIN packet, so it would seem that the Windows side is aborting the connection.

## GOOD Results (after disconnecting Cisco AnyConnect VPN and rebooting the Windows VM)

The Broker starts successfully and the build host connection works as desired. 

## Additional version info (brief)

XamarinVS (0dd817c)
Comment 3 Brendan Zagaeski (Xamarin Team, assistant) 2016-07-01 21:52:15 UTC
The motivation for wanting to keep the VPN connected throughout development is to get the best experience for debugging using various iOS simulators and Android emulators against internal (VPN-access) servers.