
"Karl Pearson" 10-16-2008 06:40 AM

TCP?
 
I have a new problem on my server. TCP connections are very slow.

For example, if I

# telnet localhost 25

I get the sendmail prompt immediately. But, if I do

# telnet 172.20.20.2 25

I get connected immediately, but the sendmail prompt comes up about 2 minutes
later. Same for 10.0.0.1. Both IPs are on the same host, different NICs.

If I ssh to the machine, it's the same thing. This is causing email to
time-out and is not sent.

I've checked DNS and bad NICs, but nothing looks bad. Nothing has changed from
my standpoint. I've rebooted my switches and firewall and still nothing
changes. I ran chkrootkit and see nothing different from when things were
running smoothly.

I do have a lot of things in my iptables, so I did

iptables -F

and tried sending an email. It still timed out...

Any thoughts?

---
_/ _/ _/ _/_/_/ ____________ __o
_/ _/ _/ _/ _/ ____________ _-<._
_/_/ _/ _/_/_/ (_)/ (_)
_/ _/ _/ _/ ......................
_/ _/ arl _/_/_/ _/ earson KarlP@ourldsfamily.com
---
http://consulting.ourldsfamily.com
---
"To mess up your Linux PC, you have to really work at it;
to mess up a microsoft PC you just have to work on it."
---



_______________________________________________
Redhat-install-list mailing list
Redhat-install-list@redhat.com
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@redhat.com
Subject: unsubscribe

Rick Stevens 10-16-2008 05:22 PM

TCP?
 
Karl Pearson wrote:
> I have a new problem on my server. TCP connections are very slow.
>
> For example, if I
>
> # telnet localhost 25
>
> I get the sendmail prompt immediately. But, if I do
>
> # telnet 172.20.20.2 25
>
> I get connected immediately, but the sendmail prompt comes up about 2 minutes
> later. Same for 10.0.0.1. Both IPs are on the same host, different NICs.
>
> If I ssh to the machine, it's the same thing. This is causing email to
> time-out and is not sent.
>
> I've checked DNS and bad NICs, but nothing looks bad. Nothing has changed from
> my standpoint. I've rebooted my switches and firewall and still nothing
> changes. I ran chkrootkit and see nothing different from when things were
> running smoothly.
>
> I do have a lot of things in my iptables, so I did
>
> iptables -F
>
> and tried sending an email. It still timed out...
>
> Any thoughts?

This is a DNS issue. Both sendmail and ssh are trying to find out
where the connection is coming from by doing a reverse DNS lookup on
the client IP. If there is no DNS service OR there's no "PTR" records
in DNS which correspond with the IP the client is presenting, the system
will take a LONG time before they time out and operations continue.

For ssh, you can edit the /etc/ssh/sshd_config file and set

UseDNS no

(the default is "UseDNS yes"). There is a similar type of option in
sendmail, but I don't have my bat book handy to tell you what it is.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- If you can't beat your computer at chess...try kickboxing! -
----------------------------------------------------------------------


Rick Stevens 10-16-2008 05:31 PM

TCP?
 
I should have mentioned that you'll need to "service sshd restart" after
making the change to sshd_config. You'll need to restart sendmail as
well if you change its config.

And if you're asking "why doesn't it fail when I specify 'localhost'?"
remember that localhost is in your /etc/hosts file. When you "ssh
localhost" or "telnet localhost 25", the host AND CLIENT IPs are
127.0.0.1 which corresponds to "localhost" in /etc/hosts.

I try to give full explanations when I post and I missed it that time.
Sorry!
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- When you don't know what to do, walk fast and look worried. -
----------------------------------------------------------------------


"Karl Pearson" 10-16-2008 05:47 PM

TCP?
 
On Thu, October 16, 2008 11:31 am, Rick Stevens wrote:
> I should have mentioned that you'll need to "service sshd restart" after
> making the change to sshd_config. You'll need to restart sendmail as
> well if you change its config.
>
> And if you're asking "why doesn't it fail when I specify 'localhost'?"
> remember that localhost is in your /etc/hosts file. When you "ssh
> localhost" or "telnet localhost 25", the host AND CLIENT IPs are
> 127.0.0.1 which corresponds to "localhost" in /etc/hosts.
>
> I try to give full explanations when I post and I missed it that time.
> Sorry!

I had already tried DNS settings. I edited nsswitch.conf and changed it to
files first, then dns, with this line:
hosts: files dns [NOTFOUND=return] files

and made sure the IPs are in /etc/hosts, which they already were. One email
went out with alpine from another PC, but nothing more and it took just about
long enough to time out. Watching it in ps ax showed

startup with 172.20.20.100
then
cmd read: 172.20.20.100

but all the other ones show the startup line only, then when it times out on
the client, it changes from the IP to the entry in the hosts file. It's like
something is preventing things from moving. I'm wondering if I have a bad
cable or switch.

I am going to try sshd_config right now and see if that works. Remember, this
is the box that got duplicate libs which I had to manually delete. There are a
few duplicates again. It may not be related....

Okay, changing UseDNS no didn't help at all. Still taking a couple minutes to
connect via ssh.

Karl


Rick Stevens 10-16-2008 06:05 PM

TCP?
 
Karl Pearson wrote:
> On Thu, October 16, 2008 11:31 am, Rick Stevens wrote:
>> I should have mentioned that you'll need to "service sshd restart" after
>> making the change to sshd_config. You'll need to restart sendmail as
>> well if you change its config.
>>
>> And if you're asking "why doesn't it fail when I specify 'localhost'?"
>> remember that localhost is in your /etc/hosts file. When you "ssh
>> localhost" or "telnet localhost 25", the host AND CLIENT IPs are
>> 127.0.0.1 which corresponds to "localhost" in /etc/hosts.
>>
>> I try to give full explanations when I post and I missed it that time.
>> Sorry!
>
> I had already tried DNS settings. I edited nsswitch.conf and changed it to
> files first, then dns, with this line:
> hosts: files dns [NOTFOUND=return] files
>
> and made sure the IPs are in /etc/hosts, which they already were. One email
> went out with alpine from another PC, but nothing more and it took just about
> long enough to time out. Watching it in ps ax showed
>
> startup with 172.20.20.100
> then
> cmd read: 172.20.20.100
>
> but all the other ones show the startup line only, then when it times out on
> the client, it changes from the IP to the entry in the hosts file. It's like
> something is preventing things from moving. I'm wondering if I have a bad
> cable or switch.
>
> I am going to try sshd_config right now and see if that works. Remember, this
> is the box that got duplicate libs which I had to manually delete. There are a
> few duplicates again. It may not be related....
>
> Okay, changing UseDNS no didn't help at all. Still taking a couple minutes to
> connect via ssh.

Ok, then check your default routes, "netstat -rn" and verify that the
one with "UG" is indeed your default gateway.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Hard work has a future payoff. Laziness pays off now. -
----------------------------------------------------------------------


"Karl Pearson" 10-16-2008 06:22 PM

TCP?
 
On Thu, October 16, 2008 12:05 pm, Rick Stevens wrote:
> Karl Pearson wrote:
>> On Thu, October 16, 2008 11:31 am, Rick Stevens wrote:
>>> I should have mentioned that you'll need to "service sshd restart" after
>>> making the change to sshd_config. You'll need to restart sendmail as
>>> well if you change its config.
>>>
>>> And if you're asking "why doesn't it fail when I specify 'localhost'?"
>>> remember that localhost is in your /etc/hosts file. When you "ssh
>>> localhost" or "telnet localhost 25", the host AND CLIENT IPs are
>>> 127.0.0.1 which corresponds to "localhost" in /etc/hosts.
>>>
>>> I try to give full explanations when I post and I missed it that time.
>>> Sorry!
>>
>> I had already tried DNS settings. I edited nsswitch.conf and changed it to
>> files first, then dns, with this line:
>> hosts: files dns [NOTFOUND=return] files
>>
>> and made sure the IPs are in /etc/hosts, which they already were. One email
>> went out with alpine from another PC, but nothing more and it took just
>> about long enough to time out. Watching it in ps ax showed
>>
>> startup with 172.20.20.100
>> then
>> cmd read: 172.20.20.100
>>
>> but all the other ones show the startup line only, then when it times out on
>> the client, it changes from the IP to the entry in the hosts file. It's like
>> something is preventing things from moving. I'm wondering if I have a bad
>> cable or switch.
>>
>> I am going to try sshd_config right now and see if that works. Remember,
>> this is the box that got duplicate libs which I had to manually delete.
>> There are a few duplicates again. It may not be related....
>>
>> Okay, changing UseDNS no didn't help at all. Still taking a couple minutes
>> to connect via ssh.
>
> Ok, then check your default routes, "netstat -rn" and verify that the
> one with "UG" is indeed your default gateway.

It checks out okay.

I'm not sure how, but it works fine. Let me 'splain...

In checking for things in /etc/mail/sendmail.mc and /etc/mail/submit.mc I
found that one can just type

make (or make -C /etc/mail)

in /etc/mail and submit.mc will be transferred to submit.cf as if m4 had been
run. Same with sendmail.mc

I've also seen that using make restart works on some distros, and so tried it,
and that works, too.

In any case, that's not the apparent solution, which IS DNS related, but not
in the way you or I thought. I changed the line in sendmail.mc:

FEATURE(`accept_unresolvable_domains')dnl

to

dnl FEATURE(`accept_unresolvable_domains')dnl

and things started working again as they had several days ago. Now then,
please understand that nothing had been changed on the server at all. Nothing.
That's why I still think there may be a hardware issue somewhere. The feature
above has been enabled since the system was installed 7 weeks ago.

Thoughts?

Karl


Rick Stevens 10-16-2008 07:03 PM

TCP?
 
Karl Pearson wrote:
> On Thu, October 16, 2008 12:05 pm, Rick Stevens wrote:
>> Karl Pearson wrote:
>>> On Thu, October 16, 2008 11:31 am, Rick Stevens wrote:
>>>> I should have mentioned that you'll need to "service sshd restart" after
>>>> making the change to sshd_config. You'll need to restart sendmail as
>>>> well if you change its config.
>>>>
>>>> And if you're asking "why doesn't it fail when I specify 'localhost'?"
>>>> remember that localhost is in your /etc/hosts file. When you "ssh
>>>> localhost" or "telnet localhost 25", the host AND CLIENT IPs are
>>>> 127.0.0.1 which corresponds to "localhost" in /etc/hosts.
>>>>
>>>> I try to give full explanations when I post and I missed it that time.
>>>> Sorry!
>>>
>>> I had already tried DNS settings. I edited nsswitch.conf and changed it to
>>> files first, then dns, with this line:
>>> hosts: files dns [NOTFOUND=return] files
>>>
>>> and made sure the IPs are in /etc/hosts, which they already were. One email
>>> went out with alpine from another PC, but nothing more and it took just
>>> about long enough to time out. Watching it in ps ax showed
>>>
>>> startup with 172.20.20.100
>>> then
>>> cmd read: 172.20.20.100
>>>
>>> but all the other ones show the startup line only, then when it times out on
>>> the client, it changes from the IP to the entry in the hosts file. It's like
>>> something is preventing things from moving. I'm wondering if I have a bad
>>> cable or switch.
>>>
>>> I am going to try sshd_config right now and see if that works. Remember,
>>> this is the box that got duplicate libs which I had to manually delete.
>>> There are a few duplicates again. It may not be related....
>>>
>>> Okay, changing UseDNS no didn't help at all. Still taking a couple minutes
>>> to connect via ssh.
>>
>> Ok, then check your default routes, "netstat -rn" and verify that the
>> one with "UG" is indeed your default gateway.
>
> It checks out okay.

Okey doke. Just checking. With updates and such (and that goddamn
POS called "NetworkManager"), anything's possible.

> I'm not sure how, but it works fine. Let me 'splain...
>
> In checking for things in /etc/mail/sendmail.mc and /etc/mail/submit.mc I
> found that one can just type
>
> make (or make -C /etc/mail)
>
> in /etc/mail and submit.mc will be transferred to submit.cf as if m4 had been
> run. Same with sendmail.mc

Actually, sendmail.cf is the output of m4 after processing sendmail.mc
(and others).

> I've also seen that using make restart works on some distros, and so tried it,
> and that works, too.

Most of them do a "cd /etc/mail;make" before they actually start
sendmail (either in a "restart" or a "start" scenario).

> In any case, that's not the apparent solution, which IS DNS related, but not
> in the way you or I thought. I changed the line in sendmail.mc:
>
> FEATURE(`accept_unresolvable_domains')dnl
>
> to
>
> dnl FEATURE(`accept_unresolvable_domains')dnl
>
> and things started working again as they had several days ago. Now then,
> please understand that nothing had been changed on the server at all. Nothing.
> That's why I still think there may be a hardware issue somewhere. The feature
> above has been enabled since the system was installed 7 weeks ago.

Yes, anything that's to be put into the sendmail.cf must begin with
"dnl". Things without "dnl" are directives to m4 itself.

BTW, m4 is a right pain in the arse...why sendmail.org decided to
standardize on it is beyond my comprehension.

As far as DNS issues are concerned...well, there's much to check.
Verify that /etc/resolv.conf has the actual DNS servers in it and verify
you can ping them from the host in question. In some cases, your router
does DNS for you via a proxy.

Next, verify that you have TCP and UDP port 53 open so DNS queries can
be handled, both in the iptables config and in your external firewall
(amazing how many of them block DNS). You can use "related,established"
in your iptables rules if you are concerned about security.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer ricks@nerd.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
- -
- Polygon: A dead parrot (With apologies to John Cleese) -
----------------------------------------------------------------------


Karl Pearson 10-16-2008 07:23 PM

TCP?
 
On Thu, 16 Oct 2008, Rick Stevens wrote:
> Karl Pearson wrote:
>> On Thu, October 16, 2008 12:05 pm, Rick Stevens wrote:
>>> Karl Pearson wrote:
>>>> On Thu, October 16, 2008 11:31 am, Rick Stevens wrote:
>>>>> I should have mentioned that you'll need to "service sshd restart" after
>>>>> making the change to sshd_config. You'll need to restart sendmail as
>>>>> well if you change its config.
>>>>>
>>>>> And if you're asking "why doesn't it fail when I specify 'localhost'?"
>>>>> remember that localhost is in your /etc/hosts file. When you "ssh
>>>>> localhost" or "telnet localhost 25", the host AND CLIENT IPs are
>>>>> 127.0.0.1 which corresponds to "localhost" in /etc/hosts.
>>>>>
>>>>> I try to give full explanations when I post and I missed it that time.
>>>>> Sorry!
>>>>
>>>> I had already tried DNS settings. I edited nsswitch.conf and changed it
>>>> to files first, then dns, with this line:
>>>> hosts: files dns [NOTFOUND=return] files
>>>>
>>>> and made sure the IPs are in /etc/hosts, which they already were. One
>>>> email went out with alpine from another PC, but nothing more and it took
>>>> just about long enough to time out. Watching it in ps ax showed
>>>>
>>>> startup with 172.20.20.100
>>>> then
>>>> cmd read: 172.20.20.100
>>>>
>>>> but all the other ones show the startup line only, then when it times out
>>>> on the client, it changes from the IP to the entry in the hosts file. It's
>>>> like something is preventing things from moving. I'm wondering if I have a
>>>> bad cable or switch.
>>>>
>>>> I am going to try sshd_config right now and see if that works. Remember,
>>>> this is the box that got duplicate libs which I had to manually delete.
>>>> There are a few duplicates again. It may not be related....
>>>>
>>>> Okay, changing UseDNS no didn't help at all. Still taking a couple
>>>> minutes to connect via ssh.
>>>
>>> Ok, then check your default routes, "netstat -rn" and verify that the
>>> one with "UG" is indeed your default gateway.
>>
>> It checks out okay.
>
> Okey doke. Just checking. With updates and such (and that goddamn
> POS called "NetworkManager"), anything's possible.

I disable NetworkMangler on my servers at install time.

>> I'm not sure how, but it works fine. Let me 'splain...
>>
>> In checking for things in /etc/mail/sendmail.mc and /etc/mail/submit.mc I
>> found that one can just type
>>
>> make (or make -C /etc/mail)
>>
>> in /etc/mail and submit.mc will be transferred to submit.cf as if m4 had
>> been run. Same with sendmail.mc
>
> Actually, sendmail.cf is the output of m4 after processing sendmail.mc
> (and others).

Yes, nice, huh? Why doesn't sendmail.cf actually act like a .conf file one
can just modify? Like I haven't manually modified them for years anyway :)

>> I've also seen that using make restart works on some distros, and so tried
>> it, and that works, too.
>
> Most of them do a "cd /etc/mail;make" before they actually start
> sendmail (either in a "restart" or a "start" scenario).

Yes, but new to me.

>> In any case, that's not the apparent solution, which IS DNS related, but
>> not in the way you or I thought. I changed the line in sendmail.mc:
>>
>> FEATURE(`accept_unresolvable_domains')dnl
>>
>> to
>>
>> dnl FEATURE(`accept_unresolvable_domains')dnl
>>
>> and things started working again as they had several days ago. Now then,
>> please understand that nothing had been changed on the server at all.
>> Nothing.
>> That's why I still think there may be a hardware issue somewhere. The
>> feature above has been enabled since the system was installed 7 weeks ago.
>
> Yes, anything that's to be put into the sendmail.cf must begin with
> "dnl". Things without "dnl" are directives to m4 itself.

dnl is the starting line of a not-to-be-used feature, so adding dnl turned
it off. Or am I missing something?

> BTW, m4 is a right pain in the arse...why sendmail.org decided to standardize
> on it is beyond my comprehension.

Yes it is. Which is why I was happy to see that 'make' does the same thing
now.

> As far as DNS issues are concerned...well, there's much to check.
> Verify that /etc/resolv.conf has the actual DNS servers in it and verify
> you can ping them from the host in question. In some cases, your router
> does DNS for you via a proxy.

I had checked that stuff before emailing the list. I should have mentioned
it. The solution isn't a real solution as some email still times out, but
the majority is able to be delivered to port 25

> Next, verify that you have TCP and UDP port 53 open so DNS queries can
> be handled, both in the iptables config and in your external firewall
> (amazing how many of them block DNS). You can use "related,established"
> in your iptables rules if you are concerned about security.

DNS is open. I do my own DNS and my ISP 'secondary's my changes on a
schedule based on serial. iptables is set to related,established already.
That's been in place for a few years now across server upgrades.

But, like email sending, ssh is now slow again... But not as slow as
before. I'm still leaning toward hardware being the issue, though I
haven't been able to track it down yet.

One thing I just tried for grins and giggles is to switch nsswitch.conf
from:

hosts: dns files
to
hosts: files dns

and things seem much faster again. But, that was at dns files forever
(okay, seven weeks on this server).


Karl
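
As an added example (not part of any post in this thread), the script below shows how the "hosts:" line in nsswitch.conf decides whether a lookup for a client IP is answered from /etc/hosts or has to go out to DNS, which is the step where the delay Rick describes occurs. The function names and the host name "mailclient" are made up, the sample files are constructed, and only the "files" and "dns" sources and the [NOTFOUND=return] action are modelled.

```shell
#!/bin/sh
# Added example, not from the thread. Predicts offline which NSS source answers
# a lookup for a client IP: the local hosts file, or DNS (the step that can
# block until the resolver times out). Assumption: "dns" is reported, not queried.

# hosts_sources NSSWITCH_FILE: print the tokens of the "hosts:" line, one per line.
hosts_sources() {
    awk '{ sub(/#.*/, "") }
         $1 == "hosts:" { for (i = 2; i <= NF; i++) print $i; exit }' "$1"
}

# hosts_file_name IP HOSTS_FILE: print the first name listed for IP, or fail.
hosts_file_name() {
    awk -v ip="$1" '{ sub(/#.*/, "") }
         $1 == ip && NF >= 2 { print $2; found = 1; exit }
         END { exit found ? 0 : 1 }' "$2"
}

# lookup_path IP NSSWITCH_FILE HOSTS_FILE
# Prints "files <name>", "dns", or "none" (no modelled source answers).
lookup_path() {
    lp_ip=$1; lp_hosts=$3; lp_status=
    set -f                       # [NOTFOUND=return] must not be glob-expanded
    set -- $(hosts_sources "$2")
    set +f
    for lp_tok in "$@"; do
        case $lp_tok in
        *=*)    # action item; it applies to the previous source's result
            lp_item=$(printf '%s' "$lp_tok" | tr -d '[]' | tr 'A-Z' 'a-z')
            if [ "$lp_item" = "notfound=return" ] && [ "$lp_status" = notfound ]; then
                echo none; return 0
            fi ;;
        files)
            if lp_name=$(hosts_file_name "$lp_ip" "$lp_hosts"); then
                echo "files $lp_name"; return 0
            fi
            lp_status=notfound ;;
        dns)
            echo dns; return 0 ;;
        *)  lp_status=unavail ;;  # source not modelled here (nis, mdns, ...)
        esac
    done
    echo none
}

# Constructed sample files: the nsswitch.conf line from the thread, the
# "dns files" ordering, and a hosts file with a made-up client name.
demo() {
    d=$(mktemp -d)
    printf 'hosts: files dns [NOTFOUND=return] files\n' > "$d/nss_files_first"
    printf 'hosts: dns files\n' > "$d/nss_dns_first"
    printf '127.0.0.1 localhost\n172.20.20.100 mailclient\n' > "$d/hosts"
    for f in nss_files_first nss_dns_first; do
        printf '%s: %s\n' "$f" "$(lookup_path 172.20.20.100 "$d/$f" "$d/hosts")"
    done
    rm -rf "$d"
}
demo
```

With "files" first, the client's address is answered from the hosts file and no query leaves the machine; with "dns" first, every lookup waits on the resolver even when the hosts file has the entry.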




All times are GMT.