Server gets no return TCP packets when sending to cPanel server

Kyle Eadie

Member
Dec 5, 2017
8
0
1
Michigan, United States
cPanel Access Level
Root Administrator
Hello,

I have 3 CentOS severs that I have tried in our Orlando, Florida office that get connection timeouts to our hosted dedicated CentOS/cPanel server in Tampa, Florida. UDP works and TCP packets get received, but are either dropped or no return message sent. I'm in Michigan so a few tests aren't super easy. I have SSH access to all machines. Our other offices can connect just fine and these did until this started last week. Multiple ports affected, including: 80, 21, 22, 3306.

I've tried about a hundred things and I'll try to list some here. Thanks!

- Rebooted all servers
- Took office server out from behind hardware firewall and turned off software firewall on hosted server (CSF and cPHULK)
- Changed public IP address for office by switching to backup ISP
- Changed hardware firewall to more standard 1400 MTU
- Wireshark shows sftp packet arrives, and a TCP Retransmission seconds later
- Windows computers on the same network work
- The hosted server can connect to the office server (opposite direction)
- traceroute works, tcptraceroute stops at the hosted server
- Can send data with nc over udp, but not tcp
- Can connected to other hosted server at same provider
- SELinux is not running
- Tried with multiple FQDNs and multiple IPs that the server has

Any thoughts or ideas would be greatly appreciated! My hosting provider is going to put the server into a recovery environment this weekend to see if it works from there.

Thanks!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hi Kyle,

I'm not sure of any additional steps you can take to troubleshoot the issue. Reaching out to your data center's system administration team (on both sides) to see if they can take a closer look at what's happening is likely the best approach, as it looks more like a network issue as opposed to a software issue.

Thank you.
 

rpvw

Well-Known Member
Jul 18, 2013
1,101
465
113
UK
cPanel Access Level
Root Administrator
Are the net neutrality people experimenting on you ???

Seriously though (In no particular order):
cPHulk
CSF/LFD and/or all firewalls
HostAccess Control
Mod Security

Update server(s) time (see if you can sync all the boxs from the same NTS)
 

Kyle Eadie

Member
Dec 5, 2017
8
0
1
Michigan, United States
cPanel Access Level
Root Administrator
Are the net neutrality people experimenting on you ???
LOL! I guess I have to pay more for all computers to connect, not just some.

Tried turning off cPHulk, CSF, LFD, nothing in HostAccess (didn't know about that one) and mod security has everything off and no vendors setup. I did add an accept rule to HostAccess just in case, but no luck either.

Thanks for the reply!
 

rpvw

Well-Known Member
Jul 18, 2013
1,101
465
113
UK
cPanel Access Level
Root Administrator
I mentioned the server time.....I use CentOS on my desktop workstation (and use it to connect and administer my CentOS....OK....CloudLinux servers) and I once had all sorts of strange happenings when the system time got badly unsynchronised on my desktop.

I know it sounds unintuitive and is a long shot..........but at this stage, anything is worth checking ? :)
 

rpvw

Well-Known Member
Jul 18, 2013
1,101
465
113
UK
cPanel Access Level
Root Administrator
If there are any tests I can do for you from my location here in Spain, please do not hesitate to ask.