[CentOS] Not firewall, but what?

Tony Molloy tony.molloy at ul.ie
Fri May 7 08:14:25 UTC 2010 

On Friday 07 May 2010 05:38:45 Jussi Hirvi wrote:
> Ok, thanks for ideas - many new things to test. So far no luck.
> 
> Too bad i don't have first-hand access to any of the client machines who
> *do* have this problem.
> 
> Next, I will go and switch the ethernet cable to a different slot on the
> router - kind of desperate, I know.
> 
> Some more details:
> - this web server is a xen virtual guest system, with CentOS 5.4
> - the problem surfaced yesterday morning (6th of May), after I had
> migrated all these web sites from an old Fedora box to this new CentOS
> system
> 
> Does the problem affect other xen systems on the same box? I haven't
> tested this yet (I cannot reproduce the error).
> 
> You could test yourself if you can see
> 	http://62.236.221.71 (the problem system)
> 	http://62.236.221.78 (another guest on the same xen host)
> 
> If someone *cannot* see the 1st one, then it would be interesting to
> know if (s)he can see the 2nd one or not.
> 
> - Jussi
> 

OK I can see the second one but not the first.

I can also ping the second one but not the first.

Tony

> On 6.5.2010 22.00, Benjamin Franz wrote:
> > On 05/06/2010 11:42 AM, Ryan Manikowski wrote:
> >> Notice the op posted they get timeouts even when going directly to a
> >> numerical address (if the apache server is configured to respond to
> >> *:80 it should at least display something)
> >>
> >> Try using telnet from a client machine that can not connect.
> >>
> >> e.g. telnet host.name.here 80
> >>
> >> or
> >>
> >> telnet xx.xxx.xxx.xxx 80
> >>
> >> Try a few times and see if you're getting a timeout or if it connects
> >> every time. Run tcpdump on the apache server while sending the
> >> connection requests and see if the connection attempts show up at all.
> >> If they do not, then it's a network problem.
> >
> > Try running 'ab' (the apache bench tool - see 'man ab' for how to use
> > it) against your server and see if you can provoke the timeouts. If you
> > can, then you are probably not configured to handle many quick
> > connections and should check (1) httpd.conf to make sure you don't have
> > an excessively low setting for 'MaxClients' or (2) a too low setting for
> > max open filehandles. Look in /etc/security/limits.conf - you should
> > have a line reading something similar to:
> >
> >
> > * - nofile 64000
> >
> >
> > somewhere in it to raise the max number of open files. Busy web servers
> > need lots of filehandles.
> >
> > --
> > Benjamin Franz
> >
> > --
> > Benjamin Franz
> >
> >
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> 

-- 

Chief Technical Officer.                   Tel: +353 061-202778
Dept. of Comp. Sci.
University of Limerick.

More information about the CentOS mailing list