Date: Wed, 31 Mar 2004 17:46:26 -0600 (CST)
From: Roddie Hasan <roddie@krweb.net>
To: freebsd-questions@freebsd.org
Subject: Strange TCP Issue
Message-ID: <20040331113553.O81846@krweb.net>

Background
----------
Running FreeBSD 4.9-STABLE updated this week (though the problem goes back at least two weeks). This isn't a new server and has been running its current install since the 4.1 days. There aren't any sysctl or tuning customizations, not really running any special or oddball services. It's a dual-homed server running ipf/ipnat, apache, bind, mysql, and sendmail. Again, nothing out of the ordinary. The ipf rules are very relaxed, and I'm not running stateful.

The Issue
---------
Every few hours (I can't get more specific, it varies), I am unable to establish *new* outgoing tcp connections via the outside interface (ed0). The problem goes away after a few minutes (again, it varies), and everything works fine.

The weird part is that existing tcp sessions remain operational and the really weird part is that I *can* establish tcp sessions from NAT clients going through the server. New outbound sessions just hang - I've been using telnet to test to various ports on servers that are up.

New inbound sessions to the server work just fine, outbound sessions through the other nic (xl0) work fine. Pings in all directions work.

I've eliminated DNS and mbufs as the issue, netstat -f doesn't look abnormal, and there aren't a whole lot of open connections. The routing table is simple and sane (again, NAT connections work).

I don't believe ipf or ipnat to be the problem since the configuration is very simple and looking at ipnat -l and ipfstat, everything seems normal. Again, NAT connections through the server work just fine.

As I said, the problem started about two weeks ago, I *believe* after a buildworld, but I wouldn't bet my life on it. There were no other changes made to the server that I can recall that would cause this, but I'm open to any ideas at this point.

Thanks for any help!

Roddie