Misleading error no route to host if SSH port is unreachable

[eldios]

What happened:

Connected successfully a new node to existing cluster.

When tried to connect back to said node, it failed with error no route to host even though network routing was fine from the proxy to the target node.

Sep 28 01:58:43 proxy-node teleport[1177]: ERRO [NODE]      dial tcp 192.168.152.188:3022: connect: no route to host regular/sshserver.go:1262

# ip route get 192.168.152.188
192.168.152.188 dev br0 src 192.168.155.1 uid 0 
    cache 
# ping -c1 192.168.152.188
PING 192.168.152.188 (192.168.152.188) 56(84) bytes of data.
64 bytes from 192.168.152.188: icmp_seq=1 ttl=64 time=0.208 ms
--- 192.168.152.188 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.208/0.208/0.208/0.000 ms

What you expected to happen:

Give back a connection timeout or connection rejected or other more indicative error of the actual issue that was happening (firewall blocked the request), instead of no route to host which is very misleading in this case.

How to reproduce it (as minimally and precisely as possible):

Just setup iptables to REJECT or DROP connections on port 3022 and try to connect via tsh to said node.

Environment:

• Teleport version (use teleport version): 4.0.9
• Tsh version (use tsh version): 4.0.9
• OS (e.g. from /etc/os-release): ArchLinux