1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Router becoming unreachable via ssh and via port 80

Discussion in 'Tomato Firmware' started by Jedis, Jul 19, 2009.

  1. Jedis

    Jedis LI Guru Member

    The router is still working and serving requests for the internet...

    However, over the last few days it stops accepting requests to connect to it via the web interface and ssh. A reboot clears the problem up, but within a day or so, it unbecomes unresponsive again.

    Is there any setting I can check to see what it might be doing? I don't see anything wrong in the syslog that it's still sending to my other pc.
     
  2. Jedis

    Jedis LI Guru Member

    Would the Blizzard Downloader monopolizing the connection over the past week or so be causing the httpd and dropbear processes to somehow go down?
     
  3. jan.n

    jan.n Addicted to LI Member

    I don't play WoW but IMHO: no. BTW, isn't the Blizzard downloader using torrent?
    If so, perhaps there are issues with CONNTRACK (I'm _no_ expert)...
     
  4. Jedis

    Jedis LI Guru Member

    Yeah, it's a modified bittorrent I believe.
     
  5. Toastman

    Toastman Super Moderator Staff Member Member

    The behaviour you describe often happens when the conntrack table becomes full, often due to too much P2P. Also, less obviously, a sudden "connection storm" which can be caused by other factors such as a virus-infected LAN machine, can open several thousand connections in a few seconds, usually the router will become extra sluggish, web gui won't respond. Because it happens so quickly, usually there's no clue as to what is going on, since you can't access the router, and nothing is shown even in remote logs. It may on occasions reboot, but not always. It may also recover on it's own after a while, but more often not.

    I was once lucky enough to catch this happening while the GUI was still available, so I hit the "drop idle" button in conntrack, and this recovered the situation. Does anyone know how to issue a command to do this with a script? It may be interesting to experiment....
     
  6. Planiwa

    Planiwa LI Guru Member

    echo 15 > /proc/net/expire_early

    If you mean "a script to detect a connection storm and take action" -- I have (and use) such programs, but they are inter-dependent and not easy to isolate from other tools.

    For example, there is a watcher which speaks to me when a distant site is experiencing a connection surge. It then does some "flight-recording" and saves it away, for later forensics, should it become necessary. The watcher works in "real time".

    There is also a 5-minute monitor that displays connections, broken down by user and connection type, protocol, idle time, etc.
     
  7. Jedis

    Jedis LI Guru Member

    Just happened again with the downloader blocked... Here's all the errors from today via syslog:

    <11>Jul 21 01:37:19 kernel:  CIFS VFS: cifs_mount failed w/return code = -147
    <11>Jul 21 01:37:19 kernel:  CIFS VFS: No response buffer
    <12>Jul 21 01:41:54 rstats[105]: Problem loading /cifs1/tomato_rstats_0013107d400e.gz. Still trying...
    <75>Jul 21 02:00:01 crond[97]: can't vfork
    <75>Jul 21 02:00:01 crond[97]: USER root pid   0 cmd logger -p syslog.info -- -- MARK --

    It repeats this over and over again over the course of the day.

    I tried connecting via ssh, and get this showing in syslog:

    <84>Jul 21 17:43:10 dropbear[74]: error forking: Resource temporarily unavailable

    Any ideas?
     
  8. rhester72

    rhester72 Network Guru Member

    Looks like it's out of memory. Try reducing your max connections allowed to reduce your memory footprint.

    Rodney
     

Share This Page