- Posts: 10
- Thank you received: 0
Connection Loss
18 years 2 months ago #16332
by wlekns
Replied by wlekns on topic Re: Connection Loss
I'm experiencing a similar problem and was wondering what the resolution was to this issue?
18 years 1 month ago #17120
by mikel23
Replied by mikel23 on topic Re: Connection Loss
Hi Guys
After much testing I finally found the problem. In the basement of our building in a dark locked room lay our faulty media converter. This unit is taking our 100Mb Ethernet line from our server room
down to the basement where it is converted to a 2Mb Fibre connection. The fan was faulty on the unit and so it was overheating. An overheating media converter means PACKET DROPS!!! General web browsing wasn't troubled with this amount of loss however Citrix didn't like it at all! Replaced the unit and haven't had a drop since.
Thanks everyone for you help on this!
Michael
After much testing I finally found the problem. In the basement of our building in a dark locked room lay our faulty media converter. This unit is taking our 100Mb Ethernet line from our server room
down to the basement where it is converted to a 2Mb Fibre connection. The fan was faulty on the unit and so it was overheating. An overheating media converter means PACKET DROPS!!! General web browsing wasn't troubled with this amount of loss however Citrix didn't like it at all! Replaced the unit and haven't had a drop since.
Thanks everyone for you help on this!
Michael
18 years 1 month ago #17125
by DaLight
Replied by DaLight on topic Re: Connection Loss
How infuriating! Anyway it all working OK now. It sometimes amazes how IT systems work at all with all the potential sources of failure.
18 years 1 month ago #17172
by Bikramjit
Replied by Bikramjit on topic Re: Connection Loss
Well, to be honest you will not get any valid log when the firewall drops the connection.
Now I am giving you some possible reasons of connection drop:
1.Excessive use of Proxies in the Firebox: - Proxies put more load on the Firebox as compared to Filters, excessive load may cause Firebox Lockup.
Resolution: - There is no specific limit to the number of proxies but it is recommended to avoid their unnecessary use. For eg. it is always recommended to use an SMTP proxy to check the Incoming traffic and an SMTP filter for Outgoing. If Outgoing SMTP traffic from the network is high, proxying the same will put a lot of load on the firebox.
2.Any layer 2 devices like hubs or switches behind the firebox, which are prone to network loops, and might cause the firebox to lockup.
Resolution: - This is one of the prominent reasons for lockups. The only way to check for the same is to bypass the switch and attach a single computer on the trusted interface of the firebox, which would be possible only in off-hours.
3.Any Virus infected peers behind the firebox which could be generating excessive traffic and occupying memory.
Resolution: - Can be identified by watching the traffic monitor or running a latest virus update on the network
4.Proxy Memory allocations - To see what is Firewall memory utilization you can take look at the Status Report
Resolution: - Can be identified through Status Report.
Also you can try to disable the "Syn flood attacks" as those are the half close tcp connection.
Regarding the TCP RST message, it means, The actual meaning of the log is that the packet sent was not in the correct state so the firewall blocked it. This is a good thing on the firewall's part.
Now I am giving you some possible reasons of connection drop:
1.Excessive use of Proxies in the Firebox: - Proxies put more load on the Firebox as compared to Filters, excessive load may cause Firebox Lockup.
Resolution: - There is no specific limit to the number of proxies but it is recommended to avoid their unnecessary use. For eg. it is always recommended to use an SMTP proxy to check the Incoming traffic and an SMTP filter for Outgoing. If Outgoing SMTP traffic from the network is high, proxying the same will put a lot of load on the firebox.
2.Any layer 2 devices like hubs or switches behind the firebox, which are prone to network loops, and might cause the firebox to lockup.
Resolution: - This is one of the prominent reasons for lockups. The only way to check for the same is to bypass the switch and attach a single computer on the trusted interface of the firebox, which would be possible only in off-hours.
3.Any Virus infected peers behind the firebox which could be generating excessive traffic and occupying memory.
Resolution: - Can be identified by watching the traffic monitor or running a latest virus update on the network
4.Proxy Memory allocations - To see what is Firewall memory utilization you can take look at the Status Report
Resolution: - Can be identified through Status Report.
Also you can try to disable the "Syn flood attacks" as those are the half close tcp connection.
Regarding the TCP RST message, it means, The actual meaning of the log is that the packet sent was not in the correct state so the firewall blocked it. This is a good thing on the firewall's part.
18 years 1 month ago #17173
by Starfire
Nice find!
Always good after debating lots of technical issues that could be the problem, it turns out to be something simple and mechanical.
Replied by Starfire on topic Re: Connection Loss
The fan was faulty on the unit and so it was overheating. An overheating media converter means PACKET DROPS!!!
Nice find!
Always good after debating lots of technical issues that could be the problem, it turns out to be something simple and mechanical.
Time to create page: 0.130 seconds