Sporadic Connectivity Issues to WHM, cPanel and Webmail

[TeamMediaMike]

Hello,

The strangest thing has been happening with both of my servers over the past few weeks and no seems to have any clue as to what the problem is. Both myself and my end users are having sporadic issues (which are becoming more frequent) connecting to cPanel, Webmail and WHM (only I am having issues with WHM as I am the owner of the business and no one else has access). It is very strange. If me or my clients attempt to connect to WHM, cPanel or Webmail at times, nothing happens and it just times out (we don't even get the login prompts). From my experience, after I close the Internet and start it back up repeatedly, it will eventually, miraculously connect without any problems. Also...this issue strictly associated with WHM, cPanel and Webmail. My end users websites themselves are working just fine and if they use something like Outlook for e-mail, they do not have any problems getting mail that way.

Just so you are aware, I have tried just about every troubleshooting option that has been thrown my way. I have verified that my IP is not being blocked by any kind of firewall, I have actually temporarily disabled my server's firewall to make sure that is not the issue, I have tried connecting by IP address and domain name, I have run traceroutes without any problems, and many other troubleshooting options and absolutely no one has a clue as to what is going on. Not my data center people, not my Sys Admins...no one. As you can imagine, my end users are getting very frustrated...as I am I.

Has anyone else experienced a similar problem? Is there ANYONE who could shed some light on this or give me some advice? I am desperate here. Thank you!

-TeamMediaMike

 

[cPanelMichael]

Hello

Are you able to access your server via SSH when this happens? If so, try running the following command the next time you experience this issue:

tcpdump -n dst port 2087

While this command is active, attempt a connection to WHM over port 2087. End the command and review the output to see if the server received any data.

Thank you.

 

[TeamMediaMike]

Thank you for getting back to me. Yes...I am able to SSH to the server while I am experiencing these sporadic timeout issues. I logged on to my server as root as you requested and ran the command that you requested. I then tried to access WHM multiple times for about 5 minutes and nothing happened via the command line. After that 5 minutes, again miraculously, I was able to connect to WHM again and then I noticed the following lines come in via the command line...

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured
8 packets received by filter
0 packets dropped by kernel
[root@host /home/tmoadmin]# tcpdump -n dst port 2087
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:02:45.052851 IP 68.50.107.16.53862 > 67.225.140.112.eli: Flags [S], seq 34295                                                                                        0634, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
22:02:45.097011 IP 68.50.107.16.53862 > 67.225.140.112.eli: Flags [.], ack 10951                                                                                        37303, win 16425, length 0
22:02:45.097050 IP 68.50.107.16.53862 > 67.225.140.112.eli: Flags [P.], seq 0:18                                                                                        2, ack 1, win 16425, length 182
22:02:45.145069 IP 68.50.107.16.53862 > 67.225.140.112.eli: Flags [.], ack 2409,                                                                                         win 16425, length 0
22:02:45.154562 IP 68.50.107.16.53862 > 67.225.140.112.eli: Flags [P.], seq 182:                                                                                        524, ack 2409, win 16425, length 342
22:02:45.209350 IP 68.50.107.16.53862 > 67.225.140.112.eli: Flags [P.], seq 524:                                                                                        977, ack 2675, win 16358, length 453
22:02:45.310467 IP 68.50.107.16.53863 > 67.225.140.112.eli: Flags [S], seq 39767                                                                                        86427, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0

[snipped]

^C
118 packets captured
118 packets received by filter
0 packets dropped by kernel

I don't really know what all this means but again, nothing happened for the 5 minutes that I was not able to connect and then all of this output showed up after I was finally able to connect. Any ideas? Thanks again for your response!

 

[shashank]

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured
8 packets received by filter
0 packets dropped by kernel

Was the above output shown when you were not able to connect ? I mean 0 packets captured ?

 

[cPanelMichael]

The fact that there was no output when you were unable to access WHM indicates an issue with your connection, or the route from your connection to the server. It means the server never received any data when you were attempting to connect. You could report this to your data center if you want them to run some additional tests, or you could try using an alternate connection on a different computer to rule out any local issues.

Thank you.