The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Client has periods where can't connect to server...

Discussion in 'General Discussion' started by schwim, Sep 13, 2007.

  1. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Hi there,

    Currently, we can connect to their server, while sometimes they can't at all and sometimes they'll get a partial(very slow) pageload.

    I had them run a traceroute, and it seems that they're getting to the server, but then the connection drops:

    We're not sure what to do. We've been working on the site during the whole period of time that they're having a problem, and we've had no issue with connections.

    I've checked lfd, and their IP is not blocked(grabbed from the tracert)

    Can someone give me some idea of what I might be able to do to find out what the problem is?

    thanks,
    json
     
  2. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Holy cow, I forgot the biggest part:

    She uses our support site to log the trouble ticket. That site resides on the same server.

    I would think that this means either a domain or IP problem, no? If so, what would cause them to have the problem but not us?

    This is an established site in existence for over a year.

    thanks,
    json
     
  3. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    I had her try to contact the site both by IP and by domain, with both she received the following error:

    Any suggestions would be greatly appreciated.

    [EDIT] The last thing I could think of was disabling CSF/LFD. The client was still unable to connect.[/EDIT]

    thanks,
    json
     
    #3 schwim, Sep 13, 2007
    Last edited: Sep 13, 2007
  4. koolcards

    koolcards Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Tampa, Fl
    Her machine shows the site at 208.109.107.100 but the DNS on your name servers (ns1.schwimsdns.com and ns2.schwimsdns.com) show the site at 208.109.107.220
     
  5. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Hi there koolcards,

    I missed a spot that I needed to alter the domain. I altered the domains and IP's... so much for thoroughness :)

    her IP is as you stated. We can connect to 220, while she can not.

    Sorry for the unnecessary confusion.

    thanks,
    json
     
  6. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Hi Koolcards.

    Thanks very much for your contact.

    I might have replied too late to do you any good, but she's actually resolving to the correct address. The incorrect IP address was my poor attempt at cloak-and-dagger, which only resulted in confusion.

    In short, her computer is resolving the domain as .220. Even when attempting to connect to the site directly via IP, she is refused connection.

    She just logged another trouble ticket stating that her husband, at a different location also can not connect to the server.

    thanks,
    json
     
  7. koolcards

    koolcards Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Tampa, Fl
    Different location and different ISP? I ask because the "No route to host" error means somebody isn't able to resolve the sites IP address. When did you make the DNS change?
     
  8. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    I've not made a dns change on her domain in almost a year.

    She states that her husband, using IE can not access either.

    I am waiting for a response from her regarding the ISP's between the two of them.

    I don't doubt there is a problem, I just have absolutely no idea what it might be.

    thanks,
    json
     
  9. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Update:

    She states that she thinks that her and her husband shares the same ISP. She has called other people that have tried to connect from different ISP's in her area, and they are able to connect without issue.

    She has already talked to Comcast, and they of course stated that everything is A-OK and dandy on their end.

    With the information we've discussed, what might be her best tactic in discussing the problem with them?

    thanks,
    json
     
  10. koolcards

    koolcards Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Tampa, Fl
    Right, well. I suggested a couple things in that PM and it has to be A)network, B)server, C)or her end.
    I and everybody else in the world can connect to her server so, check the box's iptables rulesets to see that she isn't blocked, run the trace from the server to her current IP. If there's nothing there, she needs to look at her firewall or ISP. :confused:

    Umm, did you say it was intermittent? Is there some kind of security software on the machine that would count her, say, IMAP mail connections toward some kind of limit then shut her out?
     
  11. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    hi there,

    I run Chirpy's script package. You can be blocked with too many connections, but:

    1) I get a notice
    2) It doesn't explain her husband also being blocked as well.

    It is intermittent. She just started having the problem again tonight after a two month period where she connected fine.

    Keep in mind that the server is not blocking her. She can connect to the support site, which although uses a different IP is on the same server.

    I'm contacting the locator now to see what they say. Unfortunately, I suspect that it won't be much.

    I'm totally flummoxed.

    thanks,
    json
     
  12. koolcards

    koolcards Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Tampa, Fl
    A firewall rule can block based on both Source and Destination address so it's worth checking. Just look through the rules for her IP or IP range.
    I'm not familiar with Chirpy's scripts, although I know they're good. But I don't know anything about them so can't help with that. :cool:
     
  13. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might try searching for the IP in your logs and see if that turns up anything.

    grep 11.22.33.44.55 /var/log/*
    grep 11.22.33.44.55 /etc/httpd/logs/error_log
     
  14. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Another thing to look at, do you have dshield and spamhause lists enabled in CSF? They could be on a addresses of a blocked subnet.

    I seen this happen that even if you add their IP to the ALLOW list, it still gets blocked.

    Just for a test, if you are in fact loading those lists in the firewall, disable them and give it a try if you find nothing else.
     
  15. kev1nk

    kev1nk Member

    Joined:
    Sep 11, 2007
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Re: connectivity issues

    Hello,

    The issues with the "traceroute" could be caused by specific filter placed by the Data Center ot the ISP.You could never be sure about that. However the customer will not try to access
    the trace ot to use the icmp. The potential customer will use the services on the cPanel machine. I am talking about web,mail,ftp,dns. You should try telnet to port 80. If you are unable to connect then you have a problem:

    1. Firewall on the server
    2. Firewall on the customers PC
    3. Network connectivity issue

    If you are sure about points 1. and 2. , then you have to contact the network specialists in
    the DataCetnter or the customers ISP support.

    However if you are able to connect via telnet then the problem is in the server configuration
    and you could start log monitoring and other troubleshooting procedures.

    Best Regards
    Kevin K
     
  16. koolcards

    koolcards Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Tampa, Fl
    Probably. I've even done the same to myself manually from time to time. He sent me a copy of the rulesets and there's a Chain SPAMHAUS in there with a lot of large subnets blocked. I'm waiting for him to obtain his customer's current IP to try and match it but apparently Jason has to sleep sometime. :eek: Who knew? :D
     
  17. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Hi there guys,

    I'm trying to get into contact with her today to get updated connection information.

    As soon as I have her current IP and am sure that she is still unable to connect, I'll continue with the tests,

    Do the ones that suggested dhaus and firewall issues, just to remind you, I disabled the firewall(in csf/lfd settings), ensured that it showed that it was turned off, then had her try to connect. She still stated that she couldn't connect.

    Her ISP did another traceroute with her and found that it dropped at an IP prior to the server:

    If her connection were dropping at the server, it would still show the server address wouldn't it? Am I wrong, or is this reflecting that it's dropping off in the GoDaddy Network before ever getting to the server?

    I'm often wrong, so nobody will hurt my feelings by saying so :)

    The confusing part to that is that if it is dropping off in the network prior to the server, why can she visit the support site that is on the same server, but uses a different IP?

    thanks,
    json
     
    #17 schwim, Sep 14, 2007
    Last edited: Sep 14, 2007
  18. koolcards

    koolcards Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    146
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Tampa, Fl
    Hi Jason,
    the responses she's getting are back to her machine from the various nodes along the way and, if you'll look at the times, slightly higher than they really should be.
    This is from another location. Notice the Godaddy routers all respond and match her route, starting with 208.109.112.142:

    14 32 32 29 208.109.112.142 ip-208-109-112-142.ip.secureserver.net
    15 30 30 29 216.69.188.77 ip-216-69-188-77.ip.secureserver.net
    16 33 32 31 208.109.112.6 ip-208-109-112-6.ip.secureserver.net
    17 33 32 31 208.109.107.220 ip-208-109-107-220.ip.secureserver.net

    I suspect the problem is it's peering with Global Crossing (gblx.net). Her connection is dying, for some reason and seems to die within gblx.net. But, as I mentioned last night, it wouldn't hurt to ask the network people at Godaddy about optimizing their route and also asking Global Crossing it they have a problem. Comcast should ask them also 'cause Global Crossing could be ... the weakest link!
    (I'm sure that show is still on somewhere) :D
     
  19. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Hi there Koolcards,

    I don't mind putting my ignorance on display, but this may be a little much, even for me :)

    Her problem has started up again tonight(she could connect fine earlier in the day), but I am currently waiting on her IP information and a new traceroute from her.

    When I receive that, if the connections still drops at Global Crossing's server, what do I do? Do I simply contact them telling them that a client can't connect, providing the IP and traceroute information? I've never had to contact anyone like this, and I'm not sure how to go about doing it.

    Secondly, you stated that I still need to contact GoDaddy, asking them to optimize the routing. Is this because it's using Global Crossing's servers, or because of the numbers you're seeing on the traceroute? I also am confused as to what I might propose for them to do.

    Any suggestions would be greatly appreciated, as I was hoping to actually get some sleep tonight :D

    thanks,
    json
     
  20. schwim

    schwim Well-Known Member

    Joined:
    Aug 2, 2006
    Messages:
    198
    Likes Received:
    0
    Trophy Points:
    16
    Her latest traceroute:

    thanks,
    json
     
Loading...

Share This Page