website on and off and on again etc.

peach

I'm having the worst day ever, my site keeps coming down and back up and down etc. It seems to alternate every XX minutes.

Luckily, my server has more than 1 IP number connected to it, and I noticed that while http://xxx.xxx.20.16:2222 is unreachable during website downtime, the next IP is still online: http://xxx.xxx.20.17:2222

I've been googling a lot (I know nothing about networking) and did a traceroute of 2 of my server's IPs, showing there is a problem with the important IP number:
http://i.imgur.com/QhVPm.jpg

So far I've rebooted everything, did a yum update, restarted named manually and all I've discovered is that when the sites are down named is logging this:

Code:
Apr 12 16:58:02 server named[11163]: client 62.231.96.130#25392: error sending response: host unreachable
Apr 12 16:58:04 server named[11163]: client 82.76.253.162#56275: error sending response: host unreachable
Apr 12 16:58:07 server named[11163]: client 66.76.150.6#26302: error sending response: host unreachable
Apr 12 16:58:20 server named[11163]: client 193.47.80.39#25601: error sending response: host unreachable
Apr 12 16:58:21 server named[11163]: client 62.45.94.13#19557: error sending response: host unreachable
Apr 12 16:58:22 server named[11163]: client 62.45.45.63#60164: error sending response: host unreachable
Apr 12 16:58:28 server named[11163]: client 94.228.34.236#40681: error sending response: host unreachable
Apr 12 16:59:20 server named[11163]: client 188.40.24.98#44966: error sending response: host unreachable
Apr 12 16:59:21 server named[11163]: client 188.40.24.98#45846: error sending response: host unreachable
Apr 12 16:59:21 server named[11163]: client 188.40.24.98#40762: error sending response: host unreachable
Apr 12 16:59:22 server named[11163]: client 188.40.24.98#52821: error sending response: host unreachable
Apr 12 16:59:26 server named[11163]: client 130.241.150.2#30319: error sending response: host unreachable

I've already sent an email to DA support but they haven't answered all day and this problem keeps me from doing my work so it's very frustrating. Especially when the site comes back on, I think it's fixed and 5 minutes later it's gone.

I don't know what kind of firewall I'm using, my friend who installed my server is on vacation and unreachable. I do know it runs CentOS and it's a dedicated server.
 
Hello,

I'd rather say you need to get in touch with your DC (leaseweb.net) directly or the reseller from whom you bought the dedicated server. It might be an issue on their side, maybe a router is falling or anything else.

Note, if you need private help with diagnosing and possibly fixing the issue, feel free to contact some of us here, who can give you a hand as a commercial service.
 
Since I've disabled iptables the sites have been available uninterrupted for some hours. I think iptables got autostarted after I disabled it but perhaps flushing its caches fixed the problem. Would be pretty lame if my firewall decided to block access to all my sites. Although it is the ultimate safety measure I don't appreciate it.
 
The fact that iptables is enabled is not the problem. The problem is that you (or someone or something you or someone else has installed) has put something into iptables. Check for firewall scripts and what they're doing.

Jeff
 
I think nmap is running as a frontend for iptables, but it's been on there for years, not sure why it went haywire today.
From the log I could see it has happened before in the past few weeks, the named errors.
I am dealing with an increased amount of publicity and spam recently but it's still hard to imagine a firewall completely blocks the IP number. It wasn't just port 80, also port 2222.
I've never done anything manual with iptables or nmap and no one but me has access to the server.
 
Today it happened again, I ran 'service iptables stop' and the site was back up immediately.
So I know it's the firewall but I'm not sure how to fix it, so far I've found that nmap and apf are doing firewall stuff, not sure if there are more frontends to iptables.
Is anyone here a firewall expert?
 
APF is indeed a frontend to iptables.
Nmap is more of a port testing tool etc.

I suggest to remove apf and install csf/lfd firewall as a frontend to iptables and disable the standard iptables setup.
In CSF you can also exclude your ip from being blocked in the firewall and csf also has a directadmin plugin.
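
An added example, not part of the thread: one way to turn the named "error sending response: host unreachable" lines quoted in the first post into outage windows, so their start times can be compared with when firewall scripts run or reload rules. The log lines are constructed in the same format; the function name `outage_windows`, the 3-minute gap and the year are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the syslog format quoted in the thread
# (client addresses are documentation-range placeholders).
SAMPLE_LOG = """\
Apr 12 16:58:02 server named[11163]: client 192.0.2.10#25392: error sending response: host unreachable
Apr 12 16:58:04 server named[11163]: client 192.0.2.11#56275: error sending response: host unreachable
Apr 12 16:58:28 server named[11163]: client 192.0.2.12#40681: error sending response: host unreachable
Apr 12 16:59:26 server named[11163]: client 192.0.2.13#30319: error sending response: host unreachable
Apr 12 17:03:00 server named[11163]: zone example.com/IN: loaded serial 2012041201
Apr 12 17:21:40 server named[11163]: client 192.0.2.10#1053: error sending response: host unreachable
Apr 12 17:22:05 server named[11163]: client 192.0.2.14#2201: error sending response: host unreachable
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ named\[\d+\]: "
    r"client (?P<ip>[0-9a-fA-F.:]+)#\d+: error sending response: host unreachable")


def outage_windows(log_text, year=2012, max_gap=timedelta(minutes=3)):
    """Group 'host unreachable' errors; a gap longer than max_gap starts a new window."""
    windows = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated named/syslog line
        # Syslog timestamps carry no year, so the caller supplies one (assumption).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        if windows and ts - windows[-1]["end"] <= max_gap:
            w = windows[-1]
            w["end"] = ts
        else:
            w = {"start": ts, "end": ts, "errors": 0, "clients": set()}
            windows.append(w)
        w["errors"] += 1
        w["clients"].add(m["ip"])
    return windows


if __name__ == "__main__":
    for w in outage_windows(SAMPLE_LOG):
        print(f"{w['start']:%b %d %H:%M:%S} -> {w['end']:%H:%M:%S}  "
              f"errors={w['errors']} distinct_clients={len(w['clients'])}")
```

Many distinct clients failing in the same window point at the server's own outbound path rather than at one remote resolver.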
 