From owner-freebsd-questions Thu Jun 27 07:53:20 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id HAA03288 for questions-outgoing; Thu, 27 Jun 1996 07:53:20 -0700 (PDT) Received: from croute.com (ishm2.croute.com [199.97.106.1]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id HAA03278 for ; Thu, 27 Jun 1996 07:53:15 -0700 (PDT) Received: from bldg1.croute.com by croute.com (4.1/SMI-4.1) id AA15169; Thu, 27 Jun 96 09:53:11 CDT Received: from COMPUROUTE/SpoolDir by bldg1.croute.com (Mercury 1.13); Thu, 27 Jun 96 9:52:50 +600 Received: from SpoolDir by COMPUROUTE (Mercury 1.13); Thu, 27 Jun 96 9:52:22 +600 From: "Larry Dolinar" Organization: CompuRoute, Inc. To: questions@freebsd.org Date: Thu, 27 Jun 1996 09:52:14 +600 CDT Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7BIT Subject: sendmail, routing, and port 25 dying slowly X-Confirm-Reading-To: "Larry Dolinar" X-Pmrqc: 1 Priority: normal X-Mailer: Pegasus Mail v3.22 Message-Id: <64A1FCB05AA@bldg1.croute.com> Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Forgive me, but this doesn't apply entirely to FreeBSD (however I hope it may be the solution)... I'm using a Sun Sparc 2 (SunOS 4.1.3) for a relay host and local DNS. We also run 2 Novell networks. Here's the dreaded diagram: smtp ISP /\/\ Ascend P50 -------------- nw1 ----------- nw2 -------- 199.97.106.x private 38.234.83.x/24 The Ascend has static routes to the private net (192.168.2.x) and the subnetted class A (38.234.83.x). 'smtp' is on the 199.97.106.x net, and likewise has static routes, both through 'nw1' (not its host name) for the "private" and "38" networks; the "private" route accomodates contact from 'nw2' for mail originating from their network (via Mercury/Pegasus). These static routes became necessary because some VP type just had to run Netscape from the 38 network, a second "class C" that was given us by our ISP, long after the first class C (199) was acquired. At least, it seemed to fix the problem. There is a long-standing thing about Novell 3.12 fileservers and their TCP/IP routing as it comes "out of the box". If you use RIP, default routes are pretty much screwed (determined by order of the bind statements for the network cards). If you turn it off, a different approach (using their IPCONFIG) allows specifying static routes in a GATEWAYS file. There are other more esoteric approaches with NLSP and OSPF I've yet to tackle. This second approach (IPCONFIG) was used on 'nw1' and 'nw2' because the RIP approach doesn't really support netmasks (as it is, we had to add to /etc/networks and /etc/netmasks on the relay host to get Sun's routes to work). ping, ftp, Netscape, and (we thought) mail were fine. (audience shouts of: GET ON WITH IT! 8) Now to the problem: incoming mail on 'smtp' degrades gradually (apparently) as long as these static routes are installed on the smartmailer. Outgoing mail is fine, but port 25 response just gets more and more sluggish (verifiable by trying to telnet into port 25 from another host, even on the 199 network). Kill those routes to "private" and "38" and it wakes up again, pretty quickly. While all routes are installed, all parties can ping each other, and the outside, without incident. Perhaps this is a Sun problem with DNS, SMTP, and static routes to "non- standard" networks all on the same box. I'm considering resubscribing to sun-managers and posting this problem, though the traffic is pretty high and the tone borders on acidic. Does any of this sound familiar (the problem, that is)? I'm considering moving the SMTP functions to what will shortly be our FTP server (running 2.1.0-R), and perhaps leaving the DNS where it is. In reality both our primary and secondary name servers are with the ISP; what we're using locally seems more of a skeleton DNS. What I'm hoping is that with this SunOS version being pretty old, FreeBSD doesn't have this kind of problem and will make a workable alternative. Nonetheless it's tough troubleshooting things "in production", as most of you well know. For historical (and perhaps obvious) reasons, 'nw1' and 'nw2' aren't going away. Any insights provided are very welcome. I left out configuration files to keep the bandwidth down; hopefully this doesn't cloud the description of the problem too much. I'll be more than happy to provide them. thanks for listening, larry