Koozali.org: home of the SME Server

ip_masq_ftp dropping data connections - my head hurts...

jonathan storey

ip_masq_ftp dropping data connections - my head hurts...
« on: June 30, 2003, 06:49:36 PM »
Right,
  this one's driving me nuts.  We have a site with a 5.5 update 3 box on the end of an adsl connection.  It's a server gateway, with the lan on 130.100.*.*/16, the wan being, er, a public ip.
Whenever a user connects to a certain ftp site (their company ftp site) with wsftp (or command line ftp for that matter - w2k), the data connection is eventually dropped (error 426) and the client tries to reconnect, on a different data port & tries again.  This always happens with this site.  Viewing the output of ipchains -M -L reveals that the control connection masquerading remains constant, but the data connection drops after about 1-10 mins (totally random, no pattern) & then establishes a new data connection to download the file.

The output of tcpdump gives few clues - the data is streaming fine, then it just stops, sometimes the last packet is from the server, sometimes from the client!

Have rebooted several times, have rebooted the client to no avail.

Now the weird part...ftp from the client to ALL other sites works fine! ftp.debian.org, ftp.redhat.org etc - i can download ISOs till my ears start to bleed, but not from this one site.  I'm seriously considering wiping (after a full backup) & putting on 5.6 with updates..

Anyone out there, please, this is driving me bald......

Dave Liquorice

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #1 on: June 30, 2003, 07:22:00 PM »
> It's a server gateway, with the lan on 130.100.*.*/16, the wan being,
> er, a public ip.

Isn't 130.100.*.* in the public address space? Fairly sure that the private ranges (where your LAN should be) are 10.*.*.*, 172.16.*.* and 192.168.*.*. Is the site you're having trouble with a 130.100 one?

Cheers
Dave.

Graeme Fleming

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #2 on: June 30, 2003, 08:04:28 PM »
Firstly, any reason you're not on Update 6 for 5.5??

I would suggest that you find out what FTP server package is on the problem site and check to see if it has any known issues as it doesn't look like an SME prob!

Check their update/fix pack/revision level to see if the remote FTP site is maintained.

jonathan storey

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #3 on: June 30, 2003, 08:45:25 PM »
Yep, tried that already, will try again.  The people running it are less than helpful, but they have confirmed it's a nt4 box running iis4 ftp.  There are issues relating to dropped connections on a nt4 deep ftp server (in ms knowledge base), but i'm hoping that it's an e-smith issue that someone has come across before - so i can fix it. If the problem is with the remote site, then great, e-smith is fine but there is little i can do to solve it fast (apart from doing the hosting myself....but that's another matter.)

Thanks for the contrib.

Graeme Fleming

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #4 on: July 01, 2003, 01:35:48 AM »
See

http://support.microsoft.com/default.aspx?scid=kb;EN-US;181743
&
http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b189262

Looks like the Windows server is badly in need of a service pack!!! - the fix for this is dated October 1998.

jonathan storey

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #5 on: July 01, 2003, 01:29:32 PM »
yep,
those are the articles i've read.  The annoying part is that i can download from the remote site through 2 e-smith gateways on our 2meg link no problems, the problem is really starting to look like a site specific e-smith problem - i.e. the box is knackered.

Thanks for the help.

Graeme Fleming

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #6 on: July 01, 2003, 07:50:45 PM »
.. at the risk of repeating the question - any reason you're not on Update 6??

These updates may improve matters not to mention fix a few exploits to which you may be vulnerable.

jonathan storey

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #7 on: July 01, 2003, 07:59:50 PM »
Didn't realise there was an update version 6 available for sme 5.5.  Damn, just browsed the mirror sites.  Right, just off to apply these updates ;)

jonathan storey

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #8 on: July 02, 2003, 04:42:06 PM »
Okay, my mistake for not applying update6, all our sites now have them applied.  The problem still remains.

jonathan storey

Re: ip_masq_ftp dropping data connections - my head hurts...
« Reply #9 on: July 09, 2003, 03:43:55 PM »
Kind of sorted this.  The problem lay with mtu sizes & packets being dropped because fragmentation was needed & could not occur.  For pptp clients trying to access certain sites & certain applications through the e-smith box (example radmin remote control software), the packets had a large size, larger than the mtu of the ppp0 interface & were dropped.  Solved the pptp client problem by adding in a line to the pptp-interface-access script in the events/action folder on e-smith. Changed it to the following:

#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
#
# Technical support for this program is available from e-smith, inc.
# For details, please visit our web site at www.e-smith.com or
# call us on 1 888 ESMITH 1 (US/Canada toll free) or +1 613 564 8000
#----------------------------------------------------------------------

package esmith;

use strict;
use Errno;
use esmith::util;

my $event = $ARGV[0] || die "Event name must be given\n";
my $ipparam = $ARGV[6] || "(none)";
exit 0 unless ($ipparam eq "pptpd");
my $interface = $ARGV[1] || die "Couldn't determine interface name\n";
my $verb;
if ($event eq "ip-down")
{
    $verb = "--delete";
}
elsif ($event eq "ip-up.pptpd")
{
    $verb = "--insert";
    # Line added for this fix: set the MTU of this client's ppp interface to 1500
    system("/sbin/ifconfig", $interface, "mtu", "1500");
}
else
{
    die "Don't know what to do for event $event\n";
}
# Accept or cease to accept traffic on given interface as local traffic
system("/sbin/iptables", $verb, "INPUT", "-i", $interface, "-j", "ACCEPT");
system("/sbin/iptables", $verb, "OUTPUT", "-o", $interface, "-j", "ACCEPT");

exit(0);




Just altered the pppX to 1500 where pppX is the ppp interface for that particular vpn connection.  I'm currently looking into how this alteration will affect throughput & performance but it seems okay for the moment (no smoke yet....)

Cheers
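
One way to confirm the "fragmentation needed" diagnosis from the last post in a capture, as an added example that is not part of the original thread. It assumes the text output of a current tcpdump; the function names and the sample lines (documentation addresses plus the thread's 130.100 LAN range) are constructed for illustration.

```python
import re

# tcpdump prints ICMP type 3 code 4 (fragmentation needed, DF set) as:
#   IP <router> > <sender>: ICMP <dst> unreachable - need to frag (mtu N), length L
# The "(mtu N)" part is absent when the router reports a next-hop MTU of 0.
FRAG_RE = re.compile(
    r"IP (?P<router>\S+) > (?P<sender>\S+): ICMP (?P<dst>\S+) "
    r"unreachable - need to frag(?: \(mtu (?P<mtu>\d+)\))?"
)

IP_TCP_HEADERS = 40  # 20-byte IPv4 header + 20-byte TCP header, no options


def frag_needed(lines):
    """Map each unreachable destination to the smallest next-hop MTU
    reported for it, or None if no router ever stated one."""
    result = {}
    for line in lines:
        m = FRAG_RE.search(line)
        if not m:
            continue
        dst = m.group("dst")
        mtu = int(m.group("mtu")) if m.group("mtu") else None
        known = result.get(dst)
        if dst not in result or (mtu is not None and (known is None or mtu < known)):
            result[dst] = mtu
    return result


def mss_for(mtu):
    """Largest TCP segment that fits in one unfragmented packet of this MTU."""
    return mtu - IP_TCP_HEADERS


# Constructed sample capture lines (not taken from the thread).
SAMPLE = [
    "14:02:11.120001 IP 130.100.0.20.1047 > 198.51.100.7.20: Flags [.], ack 1, win 8760, length 0",
    "14:02:11.480233 IP 203.0.113.1 > 130.100.0.20: ICMP 198.51.100.7 unreachable - need to frag (mtu 1454), length 556",
    "14:02:12.480233 IP 203.0.113.9 > 130.100.0.20: ICMP 198.51.100.7 unreachable - need to frag (mtu 1400), length 556",
    "14:03:00.000100 IP 203.0.113.1 > 130.100.0.20: ICMP 192.0.2.44 unreachable - need to frag, length 36",
]

if __name__ == "__main__":
    for dst, mtu in frag_needed(SAMPLE).items():
        if mtu is None:
            print(f"{dst}: fragmentation needed, router gave no MTU")
        else:
            print(f"{dst}: path MTU {mtu}, TCP MSS must be <= {mss_for(mtu)}")
```

If large transfers stall and a capture contains no such ICMP messages at all, the messages are probably being filtered somewhere on the path, so the sender never learns that its packets are too big.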