Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: Bricka on October 03, 2008, 01:51:56 PM
-
Hi, I am using my SME as a gateway/server and it has been working fine for the last 9 months.
This week however I have lost internet access from my LAN PC's and when I run the test from the Admin console screen (the one that connects to contribs.org) it states that the test has failed.
From my LAN I can ping both LAN cards in the server i.e internal & external addresses, and I can also ping the outside world i.e. www.contribs.org
I originally thought the problem may be DNS releated but I cannot connect to websites via IP address or name although I can ping them and the name resolves (but this may be cached somewhere)
I have not changed anything on the server or on the LAN, I am using 7.2 with the latest updates and XP clients. DHCP is disabled and the gateway on the clients is set to the internal IP of the server.
As I say all was working fine until this Wednesday and I have spoken to my ISP who suprise suprise said there where no problems.
Any ideas ??
-
Bricka
Your symptoms seem erratic.
Do you have anything set in the Domains panel under Modify corporate DNS settings ?
At a guess it sounds to me like you are using a DNS server that is no longer working correctly.
You do not really need to specify anything for this setting so leave it blank.
Have you looked in the various log files to see if there are obvious errors being reported ?
Checked all your physical cable connections etc ?
-
Hi Mary,
I agree, very strange that I can ping various addresses and I have checked that if I disable the DSL line i get timeouts so I am deffinatelty pinging external addresses.
I have spoken to BT as I couldn't ping either DNS server that was been displayed in my router config page but could ping other things on the web and they have given me a ne addresss to try so wil do that now and see how I get on ??
I will check all the log files again, to see if there is anything obvious that I have missed and let you know.
I will try a NSLOOKUP command from my XP machines to see if I can resolve other things such as MX records.
-
Bricka
Why are you using a router when you are in server gateway mode ?
That's bound to cause DNS confusion if it's not all setup correctly.
You should have your sme server acting as the DNS server, not the router.
Your router should be in bridged mode with all other functions disabled,
or
otherwise put your server in server only mode and use the router for firewall and DNS & DHCP etc, with all those functions disabled in sme
You didn't answer what you have set for DNS in sme ?
-
If ping www.contribs.org works I will not believe that a DNS problem is the main problem.
To check further on if there is DNS problem and if port 80 is open out, I would try to use the text based browser from the gateway itself using this command: " elinks www.contribs.org "
www.contribs.org will look some different in this text based browser, but you can se it if DNS and TCP 80 connection works.
What I rather would expect is that there is a problem with the firewall or even more likely the Squid web cache.
To check out that all configuration files are like that they should I would have runned these commands:
signal-event post-upgrade
signal-event reboot
-
Mary, I use my router as the VPN server to give me more redundacy to access the LAN should the server go down - I have been caught out by this in the past.
Thanks for all the advice - I must stress that this installation has worked for this client for the last 9 months without any problems and nothing other than SME updates has changed with the installation.
I have traced this down to a problem on the SME box which I am now investigating - as a work around I have added the I.P address of my router into the corporate DNS which has got my client back up and running but I still want to get to the bottom of this issue.
Will keep you updated ......
-
I had this once with a machine that was running on a small harddisk. It was a 6.x server.
I found out very quickly that there was no option for squid anymore because the disk simply ran out of space.
Maybe you suffer from the same ?
Just a suggestion.
-
I have traced the problem down to Squid which appers not to be running - see below:
bash-3.00# /etc/init.d/squid stop
Stopping squid: [FAILED]
bash-3.00# squid -k shutdown
squid: ERROR: No running copy
bash-3.00# /etc/init.d/squid start
Starting squid: .................... [FAILED]
bash-3.00#
I have searched the forums but cannot find any threads on getting squid going again other than the commands above - any ideas ??
-
I have traced the problem down to Squid which appers not to be running - see below:
bash-3.00# /etc/init.d/squid stop
Stopping squid: [FAILED]
bash-3.00# squid -k shutdown
squid: ERROR: No running copy
bash-3.00# /etc/init.d/squid start
Starting squid: .................... [FAILED]
bash-3.00#
I have searched the forums but cannot find any threads on getting squid going again other than the commands above - any ideas ??
/etc/init.d/squid is not a valid SME command, as SME server supervises squid. You can check that squid is still running by doing:
sv status /service/squid
-
Thanks Charlie - Squid is deffiantely down.
bash-3.00# sv status /service/squid
down: /service/squid: 25837s; run: log: (pid 2408) 25836s
Should I report this inthe bug tracker or is there somethiung else I can try ??
By the way is there a document that I can review so that I can learn all the command lines on SME ??
-
Before doing anything check the logfiles related to the problem you've stumbled into.
Only with that info you (and others) can get any further.
-
It's true what is mentioned above that checking the log is a good idea.
By the way, if squid is running, a "quick and dirty" guess for what could be wrong would be this:
1. The disk might be full. (As mentioned above.)
2. There might for unknown reason be some damage on the Squid configuration file.
3. There could be some damage to the firewall configuration file (But this is littele likely to believe if the Squid does not run at all.
I acutally did not know about the sv command, so if I like to know if something is running, I use to run as an example this command: " ps -aux | grep squid " (I guess this basic Linux command should not have any bad side effects.)
If it is a question of a server function, also use to install the portscanner " yum install nmap " Then I do a portscan of localhost (nmap localhost), and all running and working server functions will be shown.
To se if the disk is full this command can be used: df (disk free.)
signal-event post upgrade should give new configuration files for the Squld daemon and the firewall (That is sending packets to Squid when using transparent proxy.) (Remeber also the signal-event reboot command.)
If the disk should apear to be full there is some easy linux commands to clear up and empty the Squid cache. I don't remeber it so it has to be Googled.
Please correct me anone if I'm using "no good" standard Linux commands. (They use to work for me.)
About commands in general: Click on documentation on the frontpage and specially the Admin Manual and the FAQ.
http://wiki.contribs.org/SME_Server:Documentation
-
Hi Guys,
It is not a disk space problem
bash-3.00# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/main-root
152784996 7176940 137846956 5% /
/dev/md1 101018 27752 68050 29% /boot
none 225312 0 225312 0% /dev/shm
Also I tried the command below but it does not work ??
bash-3.00# ps -aux | grep squid
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
root 2375 0.0 0.0 24 24 ? Ss Oct05 0:00 runsv squid
smelog 2408 0.0 0.0 3248 264 ? S Oct05 0:00 /usr/local/bin/multilog t s5000000 /var/log/squid.run
root 27689 0.0 0.1 4364 560 pts/2 T 21:13 0:00 grep squid
root 27691 0.0 0.1 5552 584 pts/2 S+ 21:14 0:00 grep squid
I have also installed the port scaner and port 80 is open, is this the port squid uses ??
bash-3.00# nmap localhost
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2008-10-08 21:16 BST
Interesting ports on localhost (127.0.0.1):
(The 1644 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
26/tcp open unknown
80/tcp open http
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
389/tcp open ldap
443/tcp open https
465/tcp open smtps
515/tcp open printer
548/tcp open afpovertcp
980/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1723/tcp open pptp
Nmap run completed -- 1 IP address (1 host up) scanned in 0.302 seconds
-
It looks like the Squid server is running, but its server port seems still to be not open. (TCP 3128)
(CORRECTION: Incorrect conclusion. Squid is not running and port is not open.)
I deleted the rest of the post as it was not correct.
-
My output from ps
[root@sme73guest ~]# ps aux | grep squid
root 2148 0.0 0.0 24 24 ? Ss 22:52 0:00 runsv squid
smelog 2177 0.0 0.0 2400 268 ? S 22:52 0:00 /usr/local/bin/multilog t s5000000 /var/log/squid.run
squid 3723 0.0 1.5 9784 5292 ? S 22:53 0:00 /usr/sbin/squid -f /etc/squid/squid.conf -sN -D
squid 3738 0.0 0.0 1700 272 ? Ss 22:53 0:00 (unlinkd)
root 4370 0.0 0.1 4820 576 pts/0 R+ 22:55 0:00 grep squid
[root@sme73guest ~]#
My portscanressults (There are some mods and added new ports):
[root@sme73guest ~]# nmap -p 1-10000 localhost
Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2008-10-08 23:00 CEST
Interesting ports on localhost (127.0.0.1):
(The 9981 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
26/tcp open unknown
80/tcp open http
110/tcp open pop3
139/tcp open netbios-ssn
143/tcp open imap
389/tcp open ldap
443/tcp open https
465/tcp open smtps
515/tcp open printer
548/tcp open afpovertcp
980/tcp open unknown
993/tcp open imaps
995/tcp open pop3s
1723/tcp open pptp
2000/tcp open callbook
3128/tcp open squid-http
4700/tcp open unknown
Nmap run completed -- 1 IP address (1 host up) scanned in 1.957 seconds
[root@sme73guest ~]#
Try: " ps aux | grep squid " again (No -aux)
You did not have this in your post:
squid 3723 0.0 1.5 9784 5292 ? S 22:53 0:00 /usr/sbin/squid -f /etc/squid/squid.conf -sN -D
Maybe a good idea to log in as root if you are not.
Looks like the squid server is down and that the port is not open, what is then reasonable.
Try:
" config show squid " to se system db configuration. Post output here.
(Should it show status=disabled this would explain.)
Suggestion: Try also to generate new configuration files and see what happen.
signal-event post-upgrade
signal-event reboot
-
You could also try to rebuild the database. Since you didn't provide any logfile information I can only assume that squid has a damaged database.
[ only when squid is not running this is safe to do so ]
rm -r /var/spool/squid/*
squid -z
Try to start squid again