Want more timely Centmin Mod News Updates?
Become a Member

CSF Can ping but can't open page

Discussion in 'Other Centmin Mod Installed software' started by pamamolf, Aug 30, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x

    TCP Recycle Fix



    Updated both Centmin Mod 123.08stable and 123.09beta01 builds for a TCP fix to disable tcp_tw_recycle which causes problems when multiple local lan devices try to connect to the server from same ISP IP. Problem was reported by @pamamolf at CSF - Can ping but can't open page | Page 4 | Centmin Mod Community Thanks for the bug report and making Centmin Mod that one step better :)

    To apply the fix, update your local server's Centmin Mod branch code using below listed instructions for centmin.sh menu option 23 submenu option 2. Then re-run centmin.sh once to auto apply the fix. This fix and issue only applies to non-OpenVZ systems. OpenVZ VPS servers are not able to edit TCP settings so Centmin Mod never applies any in the first place.

    Commit: Beta Branch - disable tcp_tw_recycle | Centmin Mod Community

    To update your Centmin Mod builds follow instructions at centminmod.com/upgrade.html and respective version threads below:
     
  2. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    It is my pleasure to help :)
     
  3. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Coping with the TCP TIME-WAIT state on busy Linux servers | Vincent Bernat

    :)

    You tell me :)
     
  4. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    If i am not wrong i think we have to disable also:

    Code:
    net.ipv4.tcp_tw_reuse
    ?

    Coping with the TCP TIME-WAIT state on busy Linux servers | Vincent Bernat

    I just report that as i let my friend know about it and he told me that is much better now but not 100% solved.....at least for him....
     
    Last edited: Sep 9, 2016
  5. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    I try to disable here:

    both:

    Code:
    net.ipv4.tcp_tw_recycle = 0
    net.ipv4.tcp_tw_reuse = 0
    I am on Centos 7 and when i run :

    Code:
    /sbin/sysctl --system
    i am getting this output:

    and check there:

    Doesn't change them?
     
  6. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    try and see if it helps your friend first

    seem it's applying to /etc/sysctl.conf so you have /etc/sysctl.conf set too .. older centmin mod used /etc/sysctl.conf even for centos 7 so can empty out /etc/sysctl.conf if you have /etc/sysctl.d/101-sysctl.conf
     
  7. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Ok problem solved now 100% and without the change of :

    Code:
    net.ipv4.tcp_tw_reuse
    don't know if it is good to disable it actually :)

    but the installation was a month ago and Centminmod add that kernel adjustments on :

    Code:
    /etc/sysctl.conf
    so the installation is not very old and the OS is Centos 7....can you please double check that Centminmod properly locate the /etc/sysctl.d/101-sysctl.conf and doesn't add any info on /etc/sysctl.conf ?

    Thanks !!!!!
     
  8. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    a few bugs with the latest update fix have been fixed again so should be good this time including detection for centos 7 and /etc/sysctl.conf :)

    disabled it too
     
  9. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Now i just found an identical issue with ftp :(

    Two or three users can't ftp at the same time :(

    At the moment i can't provide any feedback as i will be out for a few days like verbose connection ..... :(

    But i think it is easy George to check it please by yourself ?

    Using latest Centminmod and latest Centos 7.x.

    Don't know if using for ftp server ip or domain can cause such issue..... ?

    It should be work with both i think.

    Thank you
     
  10. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
  11. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Already set to:

    I have restart also firewall after that using csf -r
     
  12. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Is this ftp into same site using same pure-ftpd login details ? via same server IP ? with same user ISP IP addresses or different ISP ip addresses ?
     
  13. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    when you get back and have time, try going through the steps we went through at Pure ftp disconnect issue | Centmin Mod Community with pure-ftpd logs, verbose logging and lfd.log etc.

    also post output for this command
    Code (Text):
    grep -C3 MaxClients /etc/pure-ftpd/pure-ftpd.conf

    i.e. output
    Code (Text):
    grep -C3 MaxClients /etc/pure-ftpd/pure-ftpd.conf
    # Maximum number of simultaneous users
    MaxClientsNumber            500
    --
    # Maximum number of sim clients with the same IP address
    MaxClientsPerIP             200
     
    Last edited: Sep 15, 2016
  14. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Yes to all !

    And i have tested most with two/three Pc's on the same network so same ip but also with one pc on another ISP.....

    I disable also explicit FTP over TLS just to be sure but nothing...
     
  15. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    also post output for this command
    Code (Text):
    grep -C3 MaxClients /etc/pure-ftpd/pure-ftpd.conf

    i.e. output
    Code (Text):
    grep -C3 MaxClients /etc/pure-ftpd/pure-ftpd.conf
    # Maximum number of simultaneous users
    MaxClientsNumber            500
    --
    # Maximum number of sim clients with the same IP address
    MaxClientsPerIP             200


    it could be due to how your users FTP clients connect/transmit data i.e. opening too many simultaneous connections/transfer sessions at one time i.e. Filezilla's settings for simultaneous transfers and concurrent download/uploads don't set too high

    upload_2016-9-15_13-1-35.png

    you can count them when your users are all logged into FTP doing download/uploads, via ssh command
    Code (Text):
    netstat -plantu | grep YOURISP_IPADDRESS | wc -l
     
  16. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Ok thanks i will check the rest also....
     
  17. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    If they open many connections then it should stop open new for them or maybe disconnect as a result.....

    But what i say is that they can't connect.....

    If i as a user connect and open many connections then i only have issues as there is no global setting related on ftp for others to get limited by such actions.....

    So another user should be able to connect....
     
  18. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    then you should go through all the troubleshooting in this thread for them too. Is this same group of user who had problems or different group ? and different server ? Make sure the fixed TCP setting is in place on this different server too
     
  19. eva2000

    eva2000 Administrator Staff Member

    45,226
    10,284
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,939
    Local Time:
    1:25 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    also which ftp clients apps they using ? have you tried different ones ? wincp, filezilla, cuteftp, cyberduck ?
     
  20. pamamolf

    pamamolf Premium Member Premium Member

    3,849
    378
    83
    May 31, 2014
    Ratings:
    +726
    Local Time:
    6:25 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    No other ones :)

    Netbeans FTP they told me.....

    I will let them try Filezilla ....