Welcome to networking hell - ssh, samba, apache and the dreaded CLOSED_WAIT
From: Joel V. (joel_at_starman.ee)
To: <firstname.lastname@example.org> Date: Tue, 7 Jun 2005 20:42:17 +0300
First of all, I want to thank everyone in advance who decide to help me.
Now, here's some background info:
I have a P4 2.4 server with 512mb of RAM and 160GB hdd. There are two intel
NICs, 192.168.0.254 and 82.131.xxx.xx
The box is running FreeBSD 4.8 and it's behind a fast 5mbit line.
Services running on the server are gateway/NAT, DNS, default "open"
firewall, Samba (I think 2.2.8), Qmail + vpopmail, proftpd, apache 1.3.27 +
There are 7 computers with WinXP SP1 in the office and 2 computers with
Win2k SP4. Yesterday I got a call from the office saying there are some
problems with getting and sending e-mail.
I go sit behind one WinXP machine, and I can't send/receive mail at all with
Outlook XP. All transfers are timing out. I try to access Samba shares, and
I have to wait 1-2min before I can see them. Now once I access them,
they're all fast for a short period of time, after a while it goes slow
again. Then I try to see our homepage which is hosted at our server and
guess what - it takes 3-4min to load it.
But.. accessing other sites is fine. The internet in general is working like
a charm from all machines!
Now here's the funny thing. Both Win2k machines can access the Samba shares
OK without any lag (but our website still comes on slow).
I go to the server and shut down all services except for Samba. Voila! I can
access the server shares again with (a bit worse than) usual 1-2 sec delay.
Now I open up e-mail account settings and notice that the incoming server is
192.168.0.254 - I change that to mail.xxxxxx.ee (our mailserver) just to
test it and everything is OK again. Now, when I launch apache, try to view
our site from within the LAN and send/receive e-mail, I get timeouts again.
Shut down apache and it's working.
Now here's another thing I haven't mentioned. I can't also use ssh inside
our office. When I enter the username when connecting to the server it just
times out without asking me for a password (only ONCE did I see a password
prompt but it was too late, the timeout had already occured). I have to
connect to another server I have running, and then connect from there.
ARP data seems to be OK, but netstat showed some odd states for some
connections when I was trying to access our homepage - CLOSED_WAIT.
I've tried restarting the services, restarting the server, restarting the
switch and our workstations - nothing. Inside our office it's networking
hell when Apache is running (and ssh hell even when Apache is not running).
There is enough room on all partitions, I checked all the logs and didn't
notice anything strange. When I connect from home, everything is working as
it should - ssh, e-mail, ftp, you name it. Did I mention I haven't changed
any configuration settings for a long time and the server has been running
for 2 years almost without any problems?
I've shut down apache and moved our homepage to my friend's server, and
everything seems to be working for now. But I have to get this thing fixed
and to be honest with, I have no more ideas what to try. Here's where I
need your help. Thanks again.
I am not a member of the mailing list, so I would be very grateful if you
could send me a response directly at email@example.com - thanks!
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "email@example.com"