Mysterious problem driving me crazy! (network? apache? php? firewall?)

RR ranjtech at gmail.com
Wed Jun 28 05:13:44 UTC 2006


I agree with Scott along the lines of MAC addresses being the problem. But
I'm thinking along the lines of ARP cache. You may have a problem with the
ARP tables still being fresh or persistent in your network somewhere. I'd
start with the edge router and then go down to your firewall. IMHO, it's not
the local machines themselves, it's something upstream in your network, which
is why you're OK from inside the network. You made no mention of what's in
front of these web servers and have not indicated that you've done any
troubleshooting beyond the web-server machines themselves.

In short, clear out your ARP caches in all upstream network components
starting from your edge router (this alone should fix the problem); if not,
then clear it in your firewall or upstream switch.

Good Luck
\R

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of Scott Ruckh
Sent: Wednesday, June 28, 2006 2:55 PM
To: General Red Hat Linux discussion list
Cc: redhat-list at redhat.com
Subject: Re: Mysterious problem driving me crazy! (network? apache? php?
firewall?)


-- 
This is what you said Chris W. Parker
> Hello,
>
> I had a server fail on me recently (which is a story in itself... can't
> figure out why it's failing...) and so now I'm in the process of
> migrating my data (two websites from a backup) to a new server.
>
> The old server was FC3 and the new server is CentOS 4.3.
>
> Here is the problem stated very briefly: On the old server both websites
> worked fine. On the new server only one website is working.
>
> Now for some details:
>
> * I've checked and rechecked /etc/httpd/conf/httpd.conf to make sure it
> matches the original.
> * I've checked and rechecked all my scripts in
> /etc/sysconfig/network-scripts to match the originals.
> * I've checked and rechecked the virtual host settings in
> /etc/httpd/virt.d/ to match the originals.
> * I've tried turning off iptables on the new server.
> * I've tried turning off IPv6 (just a shot in the dark!).
> * I've tried turning off SELinux too.
> * I've also compared permissions between the two websites directories.
>
> I'm using NAT and what seems to be happening is that swatgear.com WILL
> NOT resolve to its internal IP address of 10.0.0.3. I can't get a
> successful ping/request from swatgear.com or 67.17.248.227. The only
> time a ping works or I can get any kind of response is through 10.0.0.3.
> And by the way, the site works fine if I add '10.0.0.3 swatgear.com' to
> /etc/hosts. But of course that doesn't solve the problem for the outside
> world.
>
> First of all you might ask if someone has changed the configuration in
> the hardware firewall, nope. No changes at all. You might also think
> that iptables is getting in the way (see above). You might think that
> the configurations are different (see above).
>
> If I turn the old server on (which only stays up for about 5 minutes
> before it kicks the bucket) both sites work perfectly. As soon as I shut
> it off and turn on the new server only one of the sites will work while
> the other (www.swatgear.com) does not.
>
> I can't figure it out and I've been working on this ALL DAY so I'm
> pleading with the community to help me figure it out.
>
> What is driving me crazy is that one site works and the other does not.
> So in spite of my 100% confidence in there being absolutely no difference
> between the configurations (of the parts that matter) of the two servers
> I can only be led to believe that it is in fact a misconfiguration and
> nothing else. Otherwise it just doesn't make sense.
>
> Another thing I should mention is that apache's logs for the website
> (that doesn't work) don't report anything! I mean, it appears that
> apache is not even SEEING the request for the site (unless I request it
> at 10.0.0.3). This says to me that it's something that precedes apache
> that is getting in the way and not apache itself (i.e. a configuration
> mistake).

Are you sure that there is not MAC address filtering going on in the
firewall?  You said that no changes were made in the firewall, but if you
changed NICs on the new server and had MAC address filtering on the
firewall that might cause the problem.

You appear to have connectivity (you are able to use site via internal
IP).  I would also assume apache is correct since site is working.  The
problem sounds just like you mentioned.  A name request is not reaching
the server.

What do the firewall logs look like?  Does the request even reach the
firewall?

How about a TCP packet capture?  Outside of apache logs not seeing the
request, do you even see the traffic hitting the network interface on the
web server?

Hard to speculate without having access to the servers so I am just
throwing out some ideas.

Good Luck.

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
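
One way to check for the stale ARP entry suggested in the reply above, before clearing any caches. This is an added example, not part of the original thread. It assumes the upstream device can give you `ip neigh show` or `arp -an` style output; the MAC addresses and the 10.0.0.2 address are constructed sample values, only 10.0.0.3 comes from the thread.

```python
import re

MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}", re.I)
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def parse_neighbors(text):
    """Parse `ip neigh show` or `arp -an` output into {ip: (mac, state)}."""
    table = {}
    for line in text.splitlines():
        ip = IP_RE.search(line)
        if not ip:
            continue
        mac = MAC_RE.search(line)
        tokens = line.split()
        # `ip neigh` ends each line with a state (STALE, REACHABLE, FAILED...);
        # `arp -an` ends with the interface name and carries no state.
        state = tokens[-1] if tokens[-1].isupper() else "UNKNOWN"
        table[ip.group()] = (mac.group().lower() if mac else None, state)
    return table


def find_stale(table, expected):
    """Return (ip, problem, detail) for every cached entry that does not
    point at the MAC the replacement server's NIC actually has."""
    findings = []
    for ip, want in expected.items():
        mac, state = table.get(ip, (None, "MISSING"))
        if mac is None:
            findings.append((ip, "no-entry", state))
        elif mac != want.lower():
            findings.append((ip, "stale-mac", mac))
    return findings


# Constructed sample: neighbour table as seen on the firewall's inside
# interface after the server swap. 10.0.0.3 still maps to the old NIC.
SAMPLE_IP_NEIGH = """\
10.0.0.2 dev eth1 lladdr 00:00:5e:00:53:0b REACHABLE
10.0.0.3 dev eth1 lladdr 00:00:5e:00:53:0a STALE
"""

# Constructed: both site addresses now live on the new server's single NIC.
EXPECTED = {"10.0.0.2": "00:00:5e:00:53:0b", "10.0.0.3": "00:00:5e:00:53:0b"}

if __name__ == "__main__":
    for ip, problem, detail in find_stale(parse_neighbors(SAMPLE_IP_NEIGH), EXPECTED):
        print(f"{ip}: {problem} ({detail})")
```

An address reported as stale-mac is the one whose cache entry needs clearing on that device; an address that matches rules that device out.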



