From owner-freebsd-net@FreeBSD.ORG Tue Jun 7 17:41:31 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB4D516A41C for ; Tue, 7 Jun 2005 17:41:30 +0000 (GMT) (envelope-from joel@starman.ee) Received: from mx1.starman.ee (smtp-out.starman.ee [85.253.0.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5576643D4C for ; Tue, 7 Jun 2005 17:41:29 +0000 (GMT) (envelope-from joel@starman.ee) Received: from barton (ip110.cab14.ktln.starman.ee [82.131.14.110]) by mx1.starman.ee (Postfix) with ESMTP id E629319340A for ; Tue, 7 Jun 2005 20:40:23 +0300 (EEST) From: "Joel V." To: Date: Tue, 7 Jun 2005 20:42:17 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcVriD9c4XWMVxdASKyIMi+UESvd+g== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2527 Message-Id: <20050607174023.E629319340A@mx1.starman.ee> X-Virus-Scanned: by Amavisd-New at mx1.starman.ee Subject: Welcome to networking hell - ssh, samba, apache and the dreaded CLOSED_WAIT X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Jun 2005 17:41:31 -0000 First of all, I want to thank everyone in advance who decide to help me. THANK YOU! Now, here's some background info: I have a P4 2.4 server with 512mb of RAM and 160GB hdd. There are two intel NICs, 192.168.0.254 and 82.131.xxx.xx The box is running FreeBSD 4.8 and it's behind a fast 5mbit line. Services running on the server are gateway/NAT, DNS, default "open" firewall, Samba (I think 2.2.8), Qmail + vpopmail, proftpd, apache 1.3.27 + php, MySQL. There are 7 computers with WinXP SP1 in the office and 2 computers with Win2k SP4. Yesterday I got a call from the office saying there are some problems with getting and sending e-mail. I go sit behind one WinXP machine, and I can't send/receive mail at all with Outlook XP. All transfers are timing out. I try to access Samba shares, and I have to wait 1-2min before I can see them. Now once I access them, they're all fast for a short period of time, after a while it goes slow again. Then I try to see our homepage which is hosted at our server and guess what - it takes 3-4min to load it. But.. accessing other sites is fine. The internet in general is working like a charm from all machines! Now here's the funny thing. Both Win2k machines can access the Samba shares OK without any lag (but our website still comes on slow). I go to the server and shut down all services except for Samba. Voila! I can access the server shares again with (a bit worse than) usual 1-2 sec delay. Now I open up e-mail account settings and notice that the incoming server is 192.168.0.254 - I change that to mail.xxxxxx.ee (our mailserver) just to test it and everything is OK again. Now, when I launch apache, try to view our site from within the LAN and send/receive e-mail, I get timeouts again. Shut down apache and it's working. Now here's another thing I haven't mentioned. I can't also use ssh inside our office. When I enter the username when connecting to the server it just times out without asking me for a password (only ONCE did I see a password prompt but it was too late, the timeout had already occured). I have to connect to another server I have running, and then connect from there. ARP data seems to be OK, but netstat showed some odd states for some connections when I was trying to access our homepage - CLOSED_WAIT. I've tried restarting the services, restarting the server, restarting the switch and our workstations - nothing. Inside our office it's networking hell when Apache is running (and ssh hell even when Apache is not running). There is enough room on all partitions, I checked all the logs and didn't notice anything strange. When I connect from home, everything is working as it should - ssh, e-mail, ftp, you name it. Did I mention I haven't changed any configuration settings for a long time and the server has been running for 2 years almost without any problems? I've shut down apache and moved our homepage to my friend's server, and everything seems to be working for now. But I have to get this thing fixed and to be honest with, I have no more ideas what to try. Here's where I need your help. Thanks again. I am not a member of the mailing list, so I would be very grateful if you could send me a response directly at joel@starman.ee - thanks! - Joel