I know. Anyway, first: load is always 0.0x, and the number of
connections is small. Second, even if I hadn't known that and/or that
was what happend, I don't think the machine is supposed to be down
afterwards?!
Anyway, happened again, but this time I have much more data (had a
test script running). See below.
Note: I've had a script running:
E="NO";
while true; do
sleep 120;
ping -c 1 [2nd router/hop] >&/dev/null || E="YES"
.... (log system status, ifconfig, ps aux, netstat -an, route
-n,
lots of /proc-stuff, etc.)
exit
fi
done
(Output of that script not included due to size, ~90k)
That script send lots of stuff (for my debugging) to a file,
which was created at 22.12, which means the network went away (i.e.
ping to
the second router outwards failed) between 22.10 and 22.12.
The number of open connections (netstat -an) was a little more than 200,
same with rt_cache entries (from /proc). There was lots of free memory,
load was 0.0x (low).
I know the static routes need to be fixed for the redirects to go
away, but I'm only a guest on that machine (told the owner, though).
(syslog loglevel for messages was *.*)
"-------------" starts comment inserted into messages file manually
a few lines have been removed, everything that's not kernel
also, lots of redirect to ... dropped
Mar 12 22:06:06 tantalus kernel: ip_rt_advice: redirect to
195.186.0.28/00 dropped
Mar 12 22:12:01 tantalus kernel: ip_rt_advice: redirect to
212.28.158.239/00 dropped
Mar 12 22:12:18 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:12:27 tantalus kernel: ip_rt_advice: redirect to
164.128.36.50/00 dropped
Mar 12 22:15:32 tantalus kernel: ip_rt_advice: redirect to
195.119.116.31/00 dropped
Mar 12 22:21:03 tantalus kernel: ip_rt_advice: redirect to
193.193.157.75/00 dropped
Mar 12 22:21:20 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:21:25 tantalus kernel: ip_rt_advice: redirect to
212.254.32.141/00 dropped
Mar 12 22:22:20 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:23:20 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:23:27 tantalus kernel: ip_rt_advice: redirect to
195.112.73.2/00 dropped
Mar 12 22:24:20 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:25:34 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:26:34 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 12 22:27:34 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
--------------lots of redirect and SYN flooding messages deleted, from
here
--------------on ONLY syn flooding messages, no more redirects!
Mar 12 22:28:11 tantalus kernel: ip_rt_advice: redirect to
195.186.24.251/00 dropped
Mar 12 22:28:34 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 00:05:26 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
--------------77 syn flood warnings deleted
Mar 13 00:06:33 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 00:07:34 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 00:08:34 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 00:09:35 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 00:10:36 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
------------this seems to indicate we can receive but not respond (no
route)
Mar 13 00:11:11 tantalus sshd[29562]: fatal: Read error from remote
host: No route to host
Mar 13 00:11:37 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 01:32:17 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
--------------44 syn flood warnings deleted
Mar 13 01:33:23 tantalus kernel: possible SYN flooding on port 80.
Sending cookies.
Mar 13 04:29:12 tantalus kernel: SCSI disk error : host 0 channel 0 id
0 lun 0 return code = 2
Mar 13 04:29:12 tantalus kernel: scsidisk I/O error: dev 08:05, sector
564918
---------lots of SCSI errors with different sector numbers deleted
Mar 13 06:19:55 tantalus kernel: SCSI disk error : host 0 channel 0 id
0 lun 0 return code = 2
Mar 13 06:19:55 tantalus kernel: scsidisk I/O error: dev 08:06, sector
1354312
Mar 13 06:19:55 tantalus kernel: scsi0: MEDIUM ERROR on channel 0, id
0, lun 0, CDB: Read (10) 00 00 34 88 8b 00 00 06 00
Mar 13 06:19:55 tantalus kernel: Current error sd08:06: sense key
Medium Error
Mar 13 06:19:55 tantalus kernel: Additional sense indicates
Unrecovered read error
Mar 13 06:19:55 tantalus kernel: scsidisk I/O error: dev 08:06, sector
1354314
Mar 13 06:19:55 tantalus kernel: scsi0: MEDIUM ERROR on channel 0, id
0, lun 0, CDB: Read (10) 00 00 34 88 87 00 00 08 00
Mar 13 06:19:55 tantalus kernel: Current error sd08:06: sense key
Medium Error
Mar 13 06:19:55 tantalus kernel: Additional sense indicates
Unrecovered read error
Mar 13 06:19:55 tantalus kernel: scsidisk I/O error: dev 08:06, sector
1354314
------------- REBOOT
Mar 13 15:49:51 tantalus syslogd 1.3-3: restart.
==
-- Michael Hasenstein http://www.csn.tu-chemnitz.de/~mha/ Private Pilot (ASEL) since 1998 _________________________________________________________ DO YOU YAHOO!? Get your free @yahoo.com address at http://mail.yahoo.com
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/