NIC locks up for no reason (?)
Frank Leonhardt
frank2 at fjl.co.uk
Thu Jun 14 08:02:14 UTC 2018
On 2018-06-13 02:28, Ronald F. Guilmette wrote:
> I am experiencing a really rather odd problem, and could use some
> helpful advice. I'm sure there is a good explanation for why this
> is happening, but at the moment I have no idea what it is.
>
> More than a month ago, I got myself a shiny new VM on one of the
> many providers of such on the Internet. I loaded up 11.1-RELEASE-p9,
> fiddled sshd so that it would run on a somewehat obscure unused port.
>
> Anyway, after doing the above things, all was running well, and exactly
> as expected for some time thereafter. (I have mostly just been using
> the box for some obscure research purposes.)
>
> I never set up any kind of filewall on the thing because frankly,
> I was doing so little with the box I didn't think I'd need one.
>
> Recently, I decided to install and run apache24, which I did.
> I configured that also to run on a non-standard port, since my
> intent was that the web stuff it would be serving up would only
> be stuff that I and perhaps a few close friends would look it.
> Apache started up just fine, and I was able to acces web content
> on the box via the non-standard port, from a system elsewhere on the
> Internet. No problem.
>
> Anyway, now it appears that the NIC on this VM system is effectively
> locking up from time to time, and I have no idea how to even begin
> to debug this problem. This happened a few days ago, and I managed
> to get to a virtual console, I logged in as root, and then I rebooted
> FreeBSD on the VM and again, all was well... for awhile.
>
> When this problem occurred before, it appeared that the (virtual) NIC
> of the VM was not accepting -any- packets from outside.
>
> Now the NIC has locked up again. Once again, from the outside it
> appears that it isn't responding to pings. or to traceroutes, or to
> ssh (on my non-standard port), or to attempts to telnet to the
> (non-standard) HTTP port I'm using.
>
> Traceroutes -out- from the VM also get absolutely nowhere... not even
> one hop. Pings rom the VM to its own (externally routable) IPv4
> address work fine.
>
> I logged in again via the virtual console and once again, just like
> the last time this happened (a couple of days ago), I can see nothing
> obviously wrong. There's plenty of free disk space, and top is showing
> the CPU as being >95% idle.
>
> ifconfig output looks perfectly normal to me... the interface in
> question is listed as "UP".
>
> Whet the devil could be wrong?
>
> The relevant hosting company has assured me that they haven't been
> doing
> anything new or special lately.
>
> The Handbook says that (recent vintage) FreeBSD provides three
> different
> flavors of firewalls. Are any of these three enabled by default? What
> about TCP Wrapper? Is that enabled by default on an out-of-the-box
> install of 11.1-RELEASE?
>
> What else could possibly explain a NIC periodically becoming totally
> unresponsive... at least from the outside... apparently just because
> I had the audacity to install and run apache24?
I can't think of any method whereby Apache 2.4 could do anything to the
network stack, or why installing it would do something similar via a
dependency. It's always possible, but I suspect your virtual machine is
the problem. The simulator is never as good as the real thing.
I've been making use of vultr.com's VMs for fun things, and I use
11.1-STABLE on some, running Apache 2.4 and suchlike for months without
a blip on those that I don't update and reboot. I've never had a problem
and I'd be happy to recommend them for this kind of thing. At
$2.50/month at some locations it's a small price to pay to keep
experiments off my actual hardware.
Regards, Frank.
More information about the freebsd-questions
mailing list