Re: tcp/ip failures with fbsd 8.2 386 on ESX 4.1

[Gary Gatten]

Maybe try disabling dns lookups within syslog-ng?

- Original Message -
From: Len Conrad [mailto:lcon...@go2france.com]
Sent: Saturday, March 19, 2011 05:40 PM
To: freebsd-questions@freebsd.org freebsd-questions@freebsd.org
Subject: tcp/ip failures with fbsd 8.2 386 on ESX 4.1


FreeBSD 8.2 32-bit
ESXi 4.1
em0 driver to the ESXi Intel emulation
syslog-ng 2.0.10

em0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 mtu 
1500
options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
ether 00:50:56:90:00:01
inet a.b.c.85 netmask 0xffe0 broadcast a.b.c.95
media: Ethernet autoselect (1000baseT full-duplex)
status: active

We've be running FreeBSD 7.x for a couple of years on ESXi 4.0 and 4.1 with no 
problems.

We're having tcp/ip failures with 8.2 as syslog-ng server.  trafshow shows 
aggregate port 514 traffic hitting peaks of about 25K char/sec.

After sometimes many hours of the syslog-ng VM server running well, 

monit from other machines signals port 514 is down, up, down, up.

this is confirmed by other machines with

nmap a.b.c.d -p 514 -sU

... showing closed, open, closed, etc.

syslog-ng logging for all syslog clients stops more or less simultaneously.

trafshow filtered for port 514 shows udp packets arriving, but instead of 
showing the source and destinations by PTR domain name, it switches to showing 
their IPs.

to test the external DNS, on the syslog-ng VM, we try

dig @recursive.server -x a.b.c.d

and get no response.  Other machines query the recursive server successfully.

Without rebooting the FreeBSD VM, we do

/etc/rc.d/netif restart
/etc/rc.d/routing restart

which allows full operation.

dmesg and messages show no errors.

Suggestions?

Len



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org





font size=1
div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 
1.0pt 0in'
/div
This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system.
/font

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: tcp/ip failures with fbsd 8.2 386 on ESX 4.1

[Len Conrad]

Maybe try disabling dns lookups within syslog-ng?

- Original Message -
From: Len Conrad [mailto:lcon...@go2france.com]
Sent: Saturday, March 19, 2011 05:40 PM
To: freebsd-questions@freebsd.org freebsd-questions@freebsd.org
Subject: tcp/ip failures with fbsd 8.2 386 on ESX 4.1


FreeBSD 8.2 32-bit
ESXi 4.1
em0 driver to the ESXi Intel emulation
syslog-ng 2.0.10

em0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 mtu 
1500
options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM
ether 00:50:56:90:00:01
inet a.b.c.85 netmask 0xffe0 broadcast a.b.c.95
media: Ethernet autoselect (1000baseT full-duplex)
status: active

We've be running FreeBSD 7.x for a couple of years on ESXi 4.0 and 4.1 with no 
problems.

We're having tcp/ip failures with 8.2 as syslog-ng server.  trafshow shows 
aggregate port 514 traffic hitting peaks of about 25K char/sec.

After sometimes many hours of the syslog-ng VM server running well, 

monit from other machines signals port 514 is down, up, down, up.

this is confirmed by other machines with

nmap a.b.c.d -p 514 -sU

... showing closed, open, closed, etc.

syslog-ng logging for all syslog clients stops more or less simultaneously.

trafshow filtered for port 514 shows udp packets arriving, but instead of 
showing the source and destinations by PTR domain name, it switches to showing 
their IPs.

to test the external DNS, on the syslog-ng VM, we try

dig @recursive.server -x a.b.c.d

and get no response.  Other machines query the recursive server successfully.

Without rebooting the FreeBSD VM, we do

/etc/rc.d/netif restart
/etc/rc.d/routing restart

which allows full operation.

dmesg and messages show no errors.

Suggestions?

Len

the failure just happened again.  this time ssh sessions, like the one running 
trafshow, are cut off.  ssh again gets connection refused

on another machine running a looping, logging script of

nmap a.b.c.d -p 514 -sU

show port 514 open

It seems like the tcp/ip or em0 driver gets screwed up.

Len




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org





font size=1
div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 
1.0pt 0in'
/div
This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system.
/font

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org