Koozali.org: home of the SME Server

Contribs.org Forums => General Discussion => Topic started by: dennyhalim on April 20, 2007, 09:19:16 AM

Title: is smeserver doing huge upload to dns server???
Post by: dennyhalim on April 20, 2007, 09:19:16 AM

i have ipcop as my gateway to the internet and using port forwarding to receive mail on sme which is on lan side.
everything have been running fine for a month or so...

less than a week ago, i install latest smeserver update and reconfigure/reboot the server.

then, i got a lot of internet connection problem.
it's real bad so that no one can browse any web and sometimes even causing ym disconnected.

so, i check my ipcop graph and see that everytime uploads rise, the downloads drop.

first, i thougth it's virus/worm/p2p/etc... that usually make huge upload.
after running iftop on ipcop for half day, i see smeserver is making a lot of upload connection to many ip outside on port 53. also, some connection on port 25 (maybe sending mail through my isp server).


so, i shutdown sme.
and yes.
the internet connection back to normal.

i'm not sure is it the dns or email connection, which one that really 'kill' my internet?

any idea how to solve this? or is it a bug???
any help is very much appreciated.

tia.


pic:
[img=http://img301.imageshack.us/img301/6585/reddayjj1.th.png] (http://img301.imageshack.us/my.php?image=reddayjj1.png)
see the peak outgoing connection from smeserver.
and see how that peak drops down after i shutdown smeserver.
[/img]

Title: is smeserver doing huge upload to dns server???
Post by: compdoc on May 03, 2007, 08:26:54 PM

what are you using SME for? Since you use ipcop, I'm guessing SME is in server-only mode, and not in gateway mode, and only has netowrk card?

Title: is smeserver doing huge upload to dns server???
Post by: dennyhalim on May 04, 2007, 05:17:43 AM

Quote from: "compdoc"

what are you using SME for? Since you use ipcop, I'm guessing SME is in server-only mode, and not in gateway mode, and only has netowrk card?

yes correct.

related bugs:
http://bugs.contribs.org/show_bug.cgi?id=2921
http://bugs.contribs.org/show_bug.cgi?id=2961
http://bugs.contribs.org/show_bug.cgi?id=2962

Title: is smeserver doing huge upload to dns server???
Post by: compdoc on May 04, 2007, 11:58:40 AM

that doesnt answer the question - what are you using SME for. And are you still having the problem?

Title: Re: is smeserver doing huge upload to dns server???
Post by: Stefano on May 04, 2007, 12:51:18 PM

Quote from: "dennyhalim"

i see smeserver is making a lot of upload connection to many ip outside on port 53. also, some connection on port 25 (maybe sending mail through my isp server).

try setting up your isp dns server as your dnscache forwarder

Code: [Select]


config setprop dnscache Forwarder ip_dns
signal-event dns-update


HTH
Stefano

Title: Re: is smeserver doing huge upload to dns server???
Post by: CharlieBrady on May 04, 2007, 11:27:52 PM

Quote from: "nenonano"

try setting up your isp dns server as your dnscache forwarder

No, denny should not do that - he/she should study log files and work out what is happening. Both qmail and dnscache do extensive logging.

BTW, servers do not "upload" to DNS servers. They send queries to DNS servers.

Title: is smeserver doing huge upload to dns server???
Post by: dennyhalim on May 11, 2007, 10:02:10 AM

server only mode.
one nic
use only for mail server.

it's obvious now that sme 'only' doing its job.
sending out email.

but, it's (intern users) sending very very much large email that it suck all my uplink connection and all other connection (browsing,chat,etc) became unuseable.

now, (imho) we must put a limit on how many email each user can send at one blast. how many email each user can send per minute. how many email each host can send. how much simultaneous connections sme can use for sending out the email.
etc....

this also will reduce risk of worms/virus/spambot blasting tons of email using our server.