buildup of Windows time_wait talking to fbsd 4.10

Len Conrad LConrad at Go2France.com
Tue Jan 11 13:56:41 PST 2005 

>>We have a windows mailserver that relays its outbound to a fbsd 
>>gateway.  We changed to a different fbsd gateway running 4.10. Windows 
>>then began having trouble sending to 4.10.  Windows "netstat -an" 
>>shows  dozens of lines like this:
>>
>>         source IP              desitination IP
>>======================================================================
>>  TCP    10.1.16.3:1403         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1407         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1415         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1419         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1435         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1462         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1470         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1473         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1478         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1493         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1504         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1507         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1508         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1521         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1526         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1546         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1550         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1568         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1571         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1589         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1592         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1616         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1620         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1629         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1644         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1647         192.168.200.59:25      TIME_WAIT
>>  TCP    10.1.16.3:1654         192.168.200.59:25      TIME_WAIT
>>
>>Eventually, the windows SMTP logs line like "cannot connect to remote IP" 
>>or "address already in use" because no local tcp/ip sockets are 
>>available, we think.
>>
>>The new gateway/fbsd 4.10 "sockstat -4" shows no corresponding tcp 
>>connections when the Windows server is showing as above.  On the fbsd 
>>4.10 machines, smtp logs, syslog, and dmesg show no errors.
>>
>>We switch the windows box to smtp gateway towards the old box/fbsd 4.7, 
>>all is cool.
>>
>>Suggestions with how to proceed debugging, please.
>>
>>I'm trying to get the dmesg.boot for the 4.7 and 4.10 boxes now, sorry.
>>
>>Len
>
>Just off the top of my head...
>
>You mentioned the freebsd machine is the gateway.  Do you have a firewall 
>on the host blocking connections from the windows machine?

the two mail servers that send outbound to the fbsd gateway are on the 
subnet, same rules.   the firewall is "outside" the subnets of the mail 
servers and gateways.

We haven't put a sniffer yet.  there's none on windows boxes, and tcpview 
on the fbsd boxes.

We going to start changing NIC model/brands.

thanks
Len


_____________________________________________________________________
http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites

More information about the freebsd-net mailing list