giganet Posted April 1, 2009 Posted April 1, 2009 Hello Group... I have an issue with my SMTP server that is truly frustrating :angry2: A little about the network topography: I have a T1 coming into the office, the CSU for this T1 is an AdTran 3200 Netvanta. The LAN side of the AdTran is connected to a switch. This switch shares connectivity to the world for: 1 WWW Server, 1 SMTP Server, 1 WiFI Client Controller. At random times the connectivity just DROPS permanently until I disconnect the SMTP server from the switch and then all is good for all other connected devices. At first I didn't think much of this, kind of chalked it up to a one-off quirk After the first time this ocurred I just ran 'shutdown -y -i0 -g0' then re-booted the server all together and re-connected the SMTP server to the switch and all seemed fine. The next event courred again within 30 days, then the event JUST ocurred again this Monday so I ran the shutdown command again rebooting the server re-connected it to the world and all seemd fine again??? NOW, 2 days later the SMTP server is doing the same thing AGAIN! SO I just unlpugged the CAT5 cable and here I am submitting this question to the group. Another thing I notice is a slight performance drag on all Internet connectivity/performance when the SMTP server IS connected to the switch. Has anyone experienced such an issue or maybe does anyone have any suggestions? The NIC is on-board, I have tried inserting a 4-port NIC into a PCI slot and access BIOS disabling the on-board NIC. But after boot the system does not see the 4-port NIC??? I have also tried the above with a single port NIC and get the same results... I would really appreciate someones input as to what I could try to circumvent this issue possibly. Thanking you in advance for your help with this matter. Best Regards Share this post Link to post Share on other sites More sharing options...
Nerm Posted April 1, 2009 Posted April 1, 2009 I am assuming you have already tried another port on the switch and another patch cable. It sounds like a collision issue to me. You might want to install a packet monitor on the network to see what changes happen when the smtp server is plugged in and when it is not. Share this post Link to post Share on other sites More sharing options...
xPETEZx Posted April 1, 2009 Posted April 1, 2009 Further to Nerm's suggestion, you never mentioned installing the drivers for either of the 2 NIC's you tried. I assume you are running Windows Server? If this is the case, did either NIC show up under device manager as unknown hardware? Did anything change when you inserted the NICs? Another very simple check, when you plug the SMTP server into the switch, do you start to get crazy activity on its port? When you check task manager on the SMTP server, under the network tab, what is the utilization? Share this post Link to post Share on other sites More sharing options...
giganet Posted April 1, 2009 Posted April 1, 2009 I am assuming you have already tried another port on the switch and another patch cable. It sounds like a collision issue to me. You might want to install a packet monitor on the network to see what changes happen when the smtp server is plugged in and when it is not. Thanks for the reply Nerm... Yes I have already tried different patch cables, different port, and have even replaced one switch with another, but the same event ocurrs at weird random times. Could you make any suggestions of packet monitors. Why would this begin to happen out of the blue? This issue just surfaced in the last 3 months give/take... The worst thing is that I have no wiggle room with this circuit as I do have business clients which I connect VIA 802.11 900Mhz AP to 900Mhz CPE's. One of the clients runs a back-ground screening company and the second this event ocurrs my phone rings from this one client as he has 2-3 applications online from 4AM PST to 7PM PST and they are very sensitive to continuity in connnectivity. Have a great day Best Regards Share this post Link to post Share on other sites More sharing options...
PyRo_MaNiAc Posted April 1, 2009 Posted April 1, 2009 You could try Wireshark. Throw it on the SMTP server and watch the traffic going out search for any fishy things like higher ports and outgoing traffic. Random question I have seen something like this before are you doing mass mails through this particular SMTP server. Most ISP's will blacklist you after so many SMTP forwards and will start to limit your connections. Had this happen to a friend where they blacklisted and downgraded his fiber line performance. You don't have a relay set up on this SMTP server do you? Are you using Exchange 2003/2007 on Server 2003/2008? Share this post Link to post Share on other sites More sharing options...
giganet Posted April 1, 2009 Posted April 1, 2009 Further to Nerm's suggestion, you never mentioned installing the drivers for either of the 2 NIC's you tried. I assume you are running Windows Server? If this is the case, did either NIC show up under device manager as unknown hardware? Did anything change when you inserted the NICs? Another very simple check, when you plug the SMTP server into the switch, do you start to get crazy activity on its port? When you check task manager on the SMTP server, under the network tab, what is the utilization? Hi xPETEZx, thanks for the reply... Sorry I did not clarify, the server is NIX Ubuntu. On my other Ubuntu box I can simply install a new NIC card and it is seen. With respect to seeing crazy activity when the SMTP server is connected: Hard to tell as my network is always in a phsycotic state as my WiFI clients are always active to one degree or another. To give you and example: the AdTran CSU LED's and for that fact the public switch LED's are generally always in a state of full tilt boogie, and at peak customer usage time the LED's on the AdTran and public switch will remain solid. Thank you for the input, I am very much thankful and looking forward to locate the cause of this issue. Best Regards Share this post Link to post Share on other sites More sharing options...
giganet Posted April 1, 2009 Posted April 1, 2009 You could try Wireshark. Throw it on the SMTP server and watch the traffic going out search for any fishy things like higher ports and outgoing traffic. Random question I have seen something like this before are you doing mass mails through this particular SMTP server. Most ISP's will blacklist you after so many SMTP forwards and will start to limit your connections. Had this happen to a friend where they blacklisted and downgraded his fiber line performance. You don't have a relay set up on this SMTP server do you? Are you using Exchange 2003/2007 on Server 2003/2008? Thanks for the reply PyRo_MaNiAc... OK WireShark, one issue, this being a NIX box I do not have a desktop installed and run solely VIA CLI; will WireShark accomodate CLI monitoring? I have closed all ports other than the ones I utilize, the highest one is 54k which I use for SSH access. I personally am running no mass mailing and prohibit my clients from doing such alike. When I run 'netstat -tap' I only see my networks accessing services, anyone out of the network get's firewalled out permanently. My data line is provided by Verizon Business, and beleive me if I violate the AUP they Dave-slap me rapidly VIA E-Mail. No relay on this or any of my NIX boxes. I use PostFix as an MTA and it is my strongest dislike to even think of running an open relay. I'll await your reply PyRo_MaNiAc. Best Regards Share this post Link to post Share on other sites More sharing options...
PyRo_MaNiAc Posted April 1, 2009 Posted April 1, 2009 Could you possibly PM me or post your currently active listening TCP ports on the SMTP server? I know in your original post you kind of laid out your network but I saw boxe(s) so I have to ask are you using any type of load balancer? Share this post Link to post Share on other sites More sharing options...
PyRo_MaNiAc Posted April 2, 2009 Posted April 2, 2009 Just got back from a walk and started thinking. Install wireshark on an XP box and plug it into the switch. Wireshark doesn't really care if its on the server or not you can sort the results (ports, destinations, IP's so on) after running it for 5-10 mins. Does this failure have a pattern at all? Times/days it happens. Do you have a virus scanning box before any mail reaches or goes out of the SMTP server to get scanned? Share this post Link to post Share on other sites More sharing options...
Nerm Posted April 2, 2009 Posted April 2, 2009 wireshark on another PC on the same network as the SMTP server will work just fine. What all do you have as far as packages installed on the SMTP server? Does it function solely as an SMTP server and nothing else? Share this post Link to post Share on other sites More sharing options...
giganet Posted April 2, 2009 Posted April 2, 2009 wireshark on another PC on the same network as the SMTP server will work just fine. What all do you have as far as packages installed on the SMTP server? Does it function solely as an SMTP server and nothing else? Wow! Thank you all for the great input... I am not at the NOC for the front part of today as I have to go and install a couple new wireless clients. However once I return to the NOC I will send the listening ports and other info you all requested last night. Once again thank you all for the rush of support and input :thumbs-up: Everyone have a killer day, it's 75 here in Anza California and I will enjoy the great outdoors. Best Regards Share this post Link to post Share on other sites More sharing options...
Nerm Posted April 3, 2009 Posted April 3, 2009 No problem! I troubleshoot these sorts of problems for a living so I know how aggravating it can be. lol Another thing I hadn't thought to ask you but I assume you have already done. Have you checked to make sure there aren't any updates/patches for the smtp server? It is amazing how many weird issues can just disappear after an update/patch install. Share this post Link to post Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now