That's great news.

On Sun, May 26, 2013 at 12:21 PM, Mark Phillips <mark@phillipsmarketing.biz> wrote:

Thanks to everyone for their suggestions!

The good news.....the server is healthy, and I solved the problem of the "ssh session ignoring me every few minutes". It seems I made a mistake in the configuration of openVPN in my new ASUS DD-WRT router.

The better news....turning off openVPN on my router also solved my intermittent LAN printing and scanning issues.

The bad news.....need to fix the VPN connection to my LAN. I guess I will be drinking my Starbs at home for awhile! ;)

Usually this is either an OpenVPN port issue or a MTU issue:

1) Port issue:

OpenVPN Ports: TCP 443, TCP 943, UDP 1194

By default OpenVPN Access Server has 2 OpenVPN daemons running. One of them on UDP port 1194 and another on TCP 443. We recommend that you use the UDP port because this functions better for an OpenVPN tunnel. However, many public locations block all sorts of ports except very common ones like http, https, ftp, pop3, and so on. Therefore we also have TCP 443 as an option. TCP port 443 is the default port for https:// (SSL) traffic and so this is usually allowed through at the user’s location.

TCP port 943 is the port where the web server interface is listening by default. You can either approach this directly using a URL like https://yourserverhostnamehere:943/ or by approaching it through the standard https:// port TCP 443, since the OpenVPN daemon will automatically internally route browser traffic to TCP 943 by default. (https://yourserverhostnamehere/).

2) MTU issue:

You can pass a parameter to OpenVPN to test your MTU:

--mtu-test

To empirically measure MTU on connection startup, add the --mtu-test option to your configuration. OpenVPN will send ping packets of various sizes to the remote peer and measure the largest packets which were successfully received. The --mtu-test process normally takes about 3 minutes to complete.

http://openvpn.net/index.php/open-source/documentation/manuals/65-openvpn-20x-manpage.html

http://www.personalvpn.org/OpenVPN-mtu-size.htm

Excerpt:

SImply edit the client configuration files (files ending in .ovpn) to add the MTU adjustment. We recommend adding the following value as a starting point

mssfix 1300

Just copy and paste this into the configuration file on a blank line. Restart the software and connect. In a great many cases this will resolve the connection issues. You can adjust this value to try and fine tune your situation. But in most cases effects are minimal and this settings will work very well.

Happy Memorial Day Weekend to all PLUGers!!

Mark

On Sun, May 26, 2013 at 1:44 AM, Lisa Kachold <lisakachold@obnosis.com> wrote:

Hello Mark,

On Sat, May 25, 2013 at 11:59 AM, Mark Phillips <mark@phillipsmarketing.biz> wrote:

I have an old headless server running Linux version 2.6.32-5-686 (Debian 2.6.32-48squeeze1) (dannf@debian.org) (gcc version 4.3.5 (Debian 4.3.5-4) ). Recently, when I log in using ssh the terminal window freezes for a few seconds, then usually comes back. The command line stops printing the characters I am typing, the cursor stops blinking, and then after a few seconds, it comes back. This happens every few minutes, so it is becoming rather annoying.

Here's the general list (some of which you have done already).

0 - Make sure that it's not swapping with "free".
1 - Check that you have no ethernet errors with "ethtool eth0" (or whatever your interfaces are) and look for errors.

1.5 - Check ' netstat -s -p|grep "segments retransmited" ' for packet loss

2 - Check "netstat -antp" to see what is listening and/or bogging down.
3 - Check "lsof" to see what the system is doing.
4 - Are you accessing SSH via SSH forwarding, a different place/network or VPN? This could be a MTU issue.

5 - Run "nmap $servername" from your system to check what is available and listening.
6 - Look in your logs for security issues; specifically access attempts to open ports; firewall to only allow source and destination for SSH, DNS or other Mail as appropriate.

7 - Disable your SSH timeout - just to be safe: http://docs.oseems.com/general/application/ssh/disable-timeout
8 - Use a ping from your system to the server to see if you can see latency.

9 - Use a traceroute/tracert to see latency between any hop.

Use the Source my friend!

When I check the disks, I get
# df -h
Filesystem            Size Used Avail Use% Mounted on
/dev/sda1             182G   42G 131G 25% /
tmpfs                 505M     0 505M   0% /lib/init/rw
udev                  500M 140K 500M   1% /dev
tmpfs                 505M     0 505M   0% /dev/shm
/dev/sdb1             230G 146G   72G 67% /mnt/sdb

So I am not running out of disk space.

When I run top, I get this output:
Tasks: 90 total,   3 running, 87 sleeping,   0 stopped,   0 zombie
Cpu(s): 7.0%us, 3.0%sy, 0.0%ni, 82.7%id, 6.6%wa, 0.3%hi, 0.3%si, 0.0%st
Mem:   1032748k total, 1013748k used,    19000k free,   242992k buffers
Swap: 2017272k total,     1040k used, 2016232k free,   473584k cached

So I am not running a process that is taking over the CPU.

How should I go about diagnosing this problem?

Thanks!

Mark

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss

--

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss

(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com
Chief Clown