joubarani
12-05-2001, 08:23 AM
Hi,
We have a cobalt raq 4i with RackShack. The raq has 512M RAM and about 40G hard capacity. The raq stopped for about half an hour between 22:50:35 GMT and 23:18:08 GMT. Since we have a web-based email server for about 1000 users, we examined the mail log file and saw the following:
Dec 5 00:50:35 server in.qpopper[30229]: I/O Error from at 207.218.223.135 (207.218.223.135): [-1] 104 (Connection reset by peer); 0 (Success)
Dec 5 00:50:35 server in.qpopper[30229]: (null) at 207.218.223.135 (207.218.223.135): -ERR POP EOF or I/O Error: 104 (Connection reset by peer); 0 (Success)
Dec 5 01:18:08 server sendmail[558]: gethostbyaddr(216.40.242.138) failed: 1
Dec 5 01:18:08 server sendmail[558]: gethostbyaddr(216.40.242.137) failed: 1
Dec 5 01:18:09 server sendmail[564]: starting daemon (8.10.2): SMTP+queueing@01:00:00
Before the server returned to its original status by itself, we found that the SMTP is not functioning. And from BW monitoring graph the input traffic jumped drastically to about 70Mbps and the output jumped to 50Mbps.
We took the registered IP in the mail log file 207.218.223.135 and achieved a lookup and traceroute which had the following results:
IP address: 207.218.223.135
Host name: argus.rackshack.net
TraceRoute to 207.218.223.135 [argus.rackshack.net]
Hop (ms) (ms) (ms) IP Address Host name
1 0 0 0 216.191.147.1 -
2 0 0 0 216.191.195.33 solutions-sherweb.p2p.attcanada.ca
3 16 0 0 216.191.67.17 core1-tor-pos5-2.bb.attcanada.ca
4 16 0 0 216.191.65.243 gwy1-tor-srp2-0.bb.attcanada.ca
5 15 16 16 12.125.142.5 -
6 16 0 15 12.123.5.218 gbr5-p80.cgcil.ip.att.net
7 0 31 16 12.122.11.41 tbr1-p013501.cgcil.ip.att.net
8 16 15 16 12.122.11.206 ggr1-p340.cgcil.ip.att.net
9 15 16 16 192.205.32.70 p4-0.att.chcgil01.us.bb.verio.net
10 16 15 16 129.250.5.114 p16-3-0-0.r00.chcgil06.us.bb.verio.net
11 16 16 15 129.250.5.77 p16-1-0-0.r01.chcgil06.us.bb.verio.net
12 31 47 31 129.250.5.85 p16-3-0-0.r01.dllstx01.us.bb.verio.net
13 47 31 47 129.250.3.194 p4-0-0-0.r00.hstntx01.us.bb.verio.net
14 46 32 47 129.250.30.216 ge-1-1-0.a03.hstntx01.us.ra.verio.net
15 47 47 31 128.241.9.246 p1-1-0-0.a03.hstntx01.us.ce.verio.net
16 47 32 46 207.218.245.1 twhou-7200-1.ev1.net
17 47 62 47 207.218.223.8 tayhou-223-8.ev1.net
18 31 47 62 207.218.223.135 argus.rackshack.net
So from the a. m. illustration can anybody explain to us what happend? Please help.
Thanks in advance,
J. Joubarani
We have a cobalt raq 4i with RackShack. The raq has 512M RAM and about 40G hard capacity. The raq stopped for about half an hour between 22:50:35 GMT and 23:18:08 GMT. Since we have a web-based email server for about 1000 users, we examined the mail log file and saw the following:
Dec 5 00:50:35 server in.qpopper[30229]: I/O Error from at 207.218.223.135 (207.218.223.135): [-1] 104 (Connection reset by peer); 0 (Success)
Dec 5 00:50:35 server in.qpopper[30229]: (null) at 207.218.223.135 (207.218.223.135): -ERR POP EOF or I/O Error: 104 (Connection reset by peer); 0 (Success)
Dec 5 01:18:08 server sendmail[558]: gethostbyaddr(216.40.242.138) failed: 1
Dec 5 01:18:08 server sendmail[558]: gethostbyaddr(216.40.242.137) failed: 1
Dec 5 01:18:09 server sendmail[564]: starting daemon (8.10.2): SMTP+queueing@01:00:00
Before the server returned to its original status by itself, we found that the SMTP is not functioning. And from BW monitoring graph the input traffic jumped drastically to about 70Mbps and the output jumped to 50Mbps.
We took the registered IP in the mail log file 207.218.223.135 and achieved a lookup and traceroute which had the following results:
IP address: 207.218.223.135
Host name: argus.rackshack.net
TraceRoute to 207.218.223.135 [argus.rackshack.net]
Hop (ms) (ms) (ms) IP Address Host name
1 0 0 0 216.191.147.1 -
2 0 0 0 216.191.195.33 solutions-sherweb.p2p.attcanada.ca
3 16 0 0 216.191.67.17 core1-tor-pos5-2.bb.attcanada.ca
4 16 0 0 216.191.65.243 gwy1-tor-srp2-0.bb.attcanada.ca
5 15 16 16 12.125.142.5 -
6 16 0 15 12.123.5.218 gbr5-p80.cgcil.ip.att.net
7 0 31 16 12.122.11.41 tbr1-p013501.cgcil.ip.att.net
8 16 15 16 12.122.11.206 ggr1-p340.cgcil.ip.att.net
9 15 16 16 192.205.32.70 p4-0.att.chcgil01.us.bb.verio.net
10 16 15 16 129.250.5.114 p16-3-0-0.r00.chcgil06.us.bb.verio.net
11 16 16 15 129.250.5.77 p16-1-0-0.r01.chcgil06.us.bb.verio.net
12 31 47 31 129.250.5.85 p16-3-0-0.r01.dllstx01.us.bb.verio.net
13 47 31 47 129.250.3.194 p4-0-0-0.r00.hstntx01.us.bb.verio.net
14 46 32 47 129.250.30.216 ge-1-1-0.a03.hstntx01.us.ra.verio.net
15 47 47 31 128.241.9.246 p1-1-0-0.a03.hstntx01.us.ce.verio.net
16 47 32 46 207.218.245.1 twhou-7200-1.ev1.net
17 47 62 47 207.218.223.8 tayhou-223-8.ev1.net
18 31 47 62 207.218.223.135 argus.rackshack.net
So from the a. m. illustration can anybody explain to us what happend? Please help.
Thanks in advance,
J. Joubarani