eWall quits accepting new connections

Junior Member
Posts: 14
Joined: Tue Oct 07, 2008 2:04 pm

eWall quits accepting new connections

Postby kpenland » Mon Jan 23, 2012 6:29 pm

I'm running ver 3.0.217 with LSP and messagesniffer.
Currently, I have 4 agents configured. Problem I have is during periods of heavy incoming mail, eWall cfg window will show connections steadily climbing upward
to around 1400-1500 connections at which point eWall quits accepting connections on port 25. Connections thru agent on port 587 will connect but after issuing quit command will not release connection for 'some time'.
Netstat -a shows many, many connections in a CLOSE_WAIT stage.
At this time, connections will slowly go to 0.
You cannot connect on port 25 until some connections are released.
I'm trying to determine what's hanging it up.
Restarting ewall core will fix it until smtp volume gets high enough to hit some 'limit' which appears around 1400-1500 connections.

Developer
User avatar
Posts: 4431
Joined: Tue Apr 20, 2004 3:43 pm

Postby Alexander Telegin » Tue Jan 24, 2012 4:36 pm

It seems like system is out of free resources (sockets) and can't handle more connections. What is your OS? The parameter related to CLOSE_WAIT is stored in Registry and you may want to change it as described at link below to make system free sockets faster:

http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2networking/thread/4288d218-fbf9-4489-b869-384a05dea83d

Junior Member
Posts: 14
Joined: Tue Oct 07, 2008 2:04 pm

Postby kpenland » Tue Jan 24, 2012 8:38 pm

Thanks Alex,
I have already tried lowering the wait time.

It seems to me that the scanning by messagesniffer may be the cause of the
slowdown. The number of files in the temp directory seems to correlate fairly closely to the number of open sessions.
What bothers me is log entrys like the following
1/24/2012 3:08:50 PM 2111 63079 > QUIT
1/24/2012 3:08:50 PM 2111 63235 < 221 2.0.0 mail.airadvantage.net closing connection
1/24/2012 3:16:28 PM 2111 521735 Disconnect

where there is almost 8 minutes between close command and disconnect.
This is a log entry from when the open sessions is down around 100
and won't accept any more connections.
1/24/2012 3:09:07 PM 3702 281 Applying action 'set reply 550 5.7.1 Rejecting due to security policy'
1/24/2012 3:09:07 PM 3702 281 Applying action 'disconnect'
1/24/2012 3:32:45 PM 3702 1418344 Disconnect
Almost 22 minutes .....

This is a win2003 server, with 2.5gb ram, 2 2.8ghz Zeon dual-cores.
Any other info I can provide? I'm running out of ideas.

Developer
User avatar
Posts: 4431
Joined: Tue Apr 20, 2004 3:43 pm

Postby Alexander Telegin » Wed Jan 25, 2012 3:44 pm

This is very strange. I checked the code and can't find what may cause this delay. Do you have any antivirus or firewall installed? May I check your system remotely?

Junior Member
Posts: 14
Joined: Tue Oct 07, 2008 2:04 pm

Postby kpenland » Wed Jan 25, 2012 5:37 pm

I have to visit this server physically. It's in one of our 'data centers'.
I'm suspecting I might have a bad disk in the raid array. Disk io seems to be
a bottleneck. I've offloaded some of the mail load to another machine for now.
I'll get back to you in a few days...

Return to General

Who is online

Users browsing this forum: Bing [Bot] and 1 guest