When were you having problems? There were some router problems at the hosting site on Sunday, but those seem to have cleared up now. I also had some problems with my DNS config a few days ago, but that’s sorted out now and seems to be working OK for me. Your traceroute suggests DNS is working at least some of the time because you traced www.weather-watch.com and it looked the IP address up OK.
If you’ve got local tools to do it (nslookup, dig, a local copy of SamSpade) try doing a query on www.weather-watch.com and let me know what it says. Output from dig is the most useful (either from the dig utility or dig in SamSpade).
I’ve only tried the past few days including last night. (12 hrs ago from now) I’ll try the tools you posted if I still have trouble tonight. I know that I could connect a few months ago. I’ll either update this later when I get home and it works, or tomorrow at work if it does not. Thanks for the help.
I’ve been doing some more investigations tonight and it’s possible that there have been some more networking oddities introduced onto the server by upgrading from Fedora Core 2 to FC3. If anyone else is running FC3, you might like to check whether you want to:
Be running in zeroconf mode. Do a route -n and see if a route shows up to 169.254.0.0. This is apparently something developed by Apple to allow machines to plug into a network and work. Unfortunately it seems to be on by default in FC3. You can turn this off by adding NOZEROCONF=yes into /etc/sysconfig/network
Be using IPv6 alongside IPv4. Apparently this can slow down DNS lookups because the DNS server tries to do IPv6 lookups and won’t respond with IPv4 addresses until the IPv6 lookup times out. You can disable this by adding ‘alias net-pf-10 off’ to /etc/modprobe.conf.
I suspect that (2) was causing some problems at times. I’ve now removed it (it will be fully disabled at the next server reboot). I was seeing some ping times to the server of up to 2.5 seconds earlier this evening, with fairly long periods (30-60 seconds) of 500-900mS pings. I’m now monitoring the ping time to see if things are better. It’s running at an average of 35mS over the last 10 minutes which seems reasonable. There are some peaks showing up, but these are blips rather than extended slow periods.
Any performance observations from other parts of the world are welcomed.
Any network experts out there? Things seem better after I disable the IPv6 stuff, but on watching the incoming packets (using tcpdump) I’m seeing bursts of large numbers (hundreds in come cases) of packets like…
This appears to be related to flow control packets and/or the spanning tree mechanism. These type of packets appearing seem to correspond to slow ping times to the server. It’s getting late and I’m tired, so I’m giving up my research on this for tonight, but I wondered if anyone else had any info on this type of packet ans more particularly if it’s a fault condition (somewhere in the system), or just something I’ve never seen before.
I’m now more convinced that the cause of this problem is a packet storm on the network local to the server. The odd packets I asked about yesterday, e.g.
…have made a comeback. In one 34 second period TCPDUMP captured over 73,000 of these critters! When the storm is taking place my server sees no other network activity, which is probably why it seems so slow. I’ve reported the problem to the hosting site company, but as my SLA only covers 5*8 I won’t hear anything until tomorrow.
I’m going to investigate the DNS problems now, although perhaps some of those are related to the network problems?
The old main http://www.weather-watch.com/phpBB2 link does re-direct, but if you have any links saved that point to specific parts of the old forum they won’t work, i.e. I only redirect index.php and index.html to the new forum.
Another storm at approx 2200-2210 (GMT). In a 2 minute period I captured approx 200,000 packets, but lost another 400,000! Of the 200,000 I captured 154,000 were the weird multicast ‘flow control’ packets
I’ve checked my DNS out and it looks like it’s working OK from the places I can check it from (home, the server itself and www.samspade.org). There isn’t anything I can see that could stop other DNS systems from querying either my master DNS (ns.master-dns.co.uk) or any of the three slaves (ns.asuk.net, ns2.asuk.net or ns3.asuk.net).