Linux Router Problem
Linux Router Problem
Dear experts
I have a Linux Router having 4 different subnets.
after 4/5 hours inter subnet traffic starts hanging and getting more delayed and sometimes not accessible even.
when i restart the Linux router it works normal for next 4/5 hrs.
kindly let me know what may be the problem and how to solve it.
secondly can i clear network buffer without restarting the linux based router.
waiting for quick reply
I have a Linux Router having 4 different subnets.
after 4/5 hours inter subnet traffic starts hanging and getting more delayed and sometimes not accessible even.
when i restart the Linux router it works normal for next 4/5 hrs.
kindly let me know what may be the problem and how to solve it.
secondly can i clear network buffer without restarting the linux based router.
waiting for quick reply
Ahsan
do you have anything special configured, other than gateway mode (net.ipv4.ip_forward=1)?
what does "netstat -s" say? are there any messages on the console, or in the logs (dmesg, or /var/log/kern.log)? have you installed tcpdump and looked at the packets to see if they reach your router?
what does "netstat -s" say? are there any messages on the console, or in the logs (dmesg, or /var/log/kern.log)? have you installed tcpdump and looked at the packets to see if they reach your router?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Linux Router Problem
Netstat -s is as follows
Ip:
23619429 total packets received
4 with invalid headers
23326719 forwarded
0 incoming packets discarded
62363 incoming packets delivered
96502 requests sent out
232 reassemblies required
116 packets reassembled ok
116 fragments received ok
232 fragments created
Icmp:
1444 ICMP messages received
153 input ICMP message failed.
ICMP input histogram:
destination unreachable: 465
echo requests: 979
5481 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 4502
echo replies: 979
Tcp:
0 active connections openings
............
Udp:
53408 packets received
...........
Udp:
53408 packets received
.............
nothing special configured excepting routing and firewall IPTables.
Just 4 subnets and Linux send the traffic to gateway firewall.
RAM is 384472 kB
Do i need Increase RAM
How can i optimize with current RAM
i have studied a method to optimize kernal parameters for RAM by using sysctl....should i go for that ???
tell me if u need some more information...
thanks and waiting.......!!
Me
Ip:
23619429 total packets received
4 with invalid headers
23326719 forwarded
0 incoming packets discarded
62363 incoming packets delivered
96502 requests sent out
232 reassemblies required
116 packets reassembled ok
116 fragments received ok
232 fragments created
Icmp:
1444 ICMP messages received
153 input ICMP message failed.
ICMP input histogram:
destination unreachable: 465
echo requests: 979
5481 ICMP messages sent
0 ICMP messages failed
ICMP output histogram:
destination unreachable: 4502
echo replies: 979
Tcp:
0 active connections openings
............
Udp:
53408 packets received
...........
Udp:
53408 packets received
.............
nothing special configured excepting routing and firewall IPTables.
Just 4 subnets and Linux send the traffic to gateway firewall.
RAM is 384472 kB
Do i need Increase RAM
How can i optimize with current RAM
i have studied a method to optimize kernal parameters for RAM by using sysctl....should i go for that ???
tell me if u need some more information...
thanks and waiting.......!!
Me
Ahsan
Linux Router Problem
also please note.......net.ipv4.ip_forward is disabled...!!
#cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
#cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
Ahsan
if it's disabled, how is it working as a router?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Linux Router Problem
it's working as router for inter VLAN Routing through router added through routes in /etc/rc.d/routes.sh
plz just let me know how can i clear the network buffer so that i don't have to restart the linux. I have also increased the RAM of the Box but having same problem......!!!
plz just let me know how can i clear the network buffer so that i don't have to restart the linux. I have also increased the RAM of the Box but having same problem......!!!
Ahsan
what's in the routes.sh file? the amount of system memory you have is more than sufficient for the task.
have you compared the output of netstat -s when the router is okay with the output when the router is not okay?
have you compared the output of netstat -s when the router is okay with the output when the router is not okay?
when the experts ask you questions that you fail to answer, the experts lower you on their priority list. where are the answers to the other questions i asked?where are the experts ...........???
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Linux Router Problem
sorry for late reply
i have to monitor according to the instructions before reply, so it takes delay.
during problem i have notices following
netstat -s shows that
IP:
"73 dropped because of missing route"
ICMP:2695 ICMP messages received
90 input ICMP message failed.
I am continuously monitoring interfaces also and inter subnet traffic reaches 2-3 GB then i have to restart to resolve the prom, i also tried to restart the network service but problem not resolved.
eth0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX bytes:20861824 (19.8 Mb) TX bytes:3436792575 (3277.5 Mb)
eth1
RX bytes:2326332392 (2218.5 Mb) TX bytes:2472398224 (2357.8 Mb)
eth2
RX bytes:271662698 (259.0 Mb) TX bytes:1069406206 (1019.8 Mb)
eth3
RX bytes:812341671 (774.7 Mb) TX bytes:781762733 (745.5 Mb)
after this status i have to restart
tell me what more information you require ?
i have to monitor according to the instructions before reply, so it takes delay.
during problem i have notices following
netstat -s shows that
IP:
"73 dropped because of missing route"
ICMP:2695 ICMP messages received
90 input ICMP message failed.
I am continuously monitoring interfaces also and inter subnet traffic reaches 2-3 GB then i have to restart to resolve the prom, i also tried to restart the network service but problem not resolved.
eth0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX bytes:20861824 (19.8 Mb) TX bytes:3436792575 (3277.5 Mb)
eth1
RX bytes:2326332392 (2218.5 Mb) TX bytes:2472398224 (2357.8 Mb)
eth2
RX bytes:271662698 (259.0 Mb) TX bytes:1069406206 (1019.8 Mb)
eth3
RX bytes:812341671 (774.7 Mb) TX bytes:781762733 (745.5 Mb)
after this status i have to restart
tell me what more information you require ?
Ahsan
* are there any messages on the console, or in the logs (dmesg, or /var/log/kern.log) when it stops forwarding the traffic?
* have you installed tcpdump and looked at the packets to see if they reach your router?
* what's in the routes.sh file?
* have you installed tcpdump and looked at the packets to see if they reach your router?
* what's in the routes.sh file?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Linux Router Problem
no file named kern.log at location /var/log
routes.sh has only private IP's routes to my VPN concentrator which is on one interface of the interfaces.
let me know which questions are un answered ?
routes.sh has only private IP's routes to my VPN concentrator which is on one interface of the interfaces.
let me know which questions are un answered ?
Ahsan
read this carefully:
in the end, you have to solve the problem. no one here can solve your problem for you. the best we can do is help you solve your problem, but that requires you to be willing to solve the problem.
are you willing? if so, start by answering the questions. when i ask (twice) if you've used tcpdump to diagnose the issue, i don't want you to ignore my question. i also don't want you to say "no, i haven't used tcpdump". i want you to use tcpdump to watch your traffic.
what does "sysctl net.ipv4.ip_forward" say? if it's 0, then please explain exactly how you've set the system up to forward traffic between interfaces because that's still unclear. if it's 1, then you're going to have to look at routes.sh or any other scripts you run very carefully, because some script or application is obviously doing something that you haven't described.
when i say
think, man, think! be more proactive.
in the end, you have to solve the problem. no one here can solve your problem for you. the best we can do is help you solve your problem, but that requires you to be willing to solve the problem.
are you willing? if so, start by answering the questions. when i ask (twice) if you've used tcpdump to diagnose the issue, i don't want you to ignore my question. i also don't want you to say "no, i haven't used tcpdump". i want you to use tcpdump to watch your traffic.
what does "sysctl net.ipv4.ip_forward" say? if it's 0, then please explain exactly how you've set the system up to forward traffic between interfaces because that's still unclear. if it's 1, then you're going to have to look at routes.sh or any other scripts you run very carefully, because some script or application is obviously doing something that you haven't described.
when i say
i don't want to hear that you have no /var/log/kern.log, and that's it. i want you to look at and tell me about dmesg's output. i want you to tell me about anything in the log files -- you probably have /var/log/messages, or /var/log/syslog. i'm not logged into your system, so i don't know where your distribution sends its kernel messages to.are there any messages on the console, or in the logs (dmesg, or /var/log/kern.log) when it stops forwarding the traffic?
think, man, think! be more proactive.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Linux Router Problem
dear lambda
actually this box was not configured by me, but i am currently managing it. so had little confusions myself also.
currently monitoring through tcpdump and dmesg and will get back to you soon with required details.
thanks for help.
actually this box was not configured by me, but i am currently managing it. so had little confusions myself also.
currently monitoring through tcpdump and dmesg and will get back to you soon with required details.
thanks for help.
Ahsan
-
- Subedar
- Posts: 355
- Joined: Sat May 07, 2005 11:54 am
- Location: Lahore
- Contact:
Hi Ahsan
can you give me access to that server ?
can you give me access to that server ?
Regards
Rana Tanveer
+923224194457
Linux Student
For Affordable Web Development http://www.affordableprogrammers.com
http://www.qualityprogrammers.com
Rana Tanveer
+923224194457
Linux Student
For Affordable Web Development http://www.affordableprogrammers.com
http://www.qualityprogrammers.com