Connection reset errors

Ben Swenson

New member
I've been getting connection reset errors from TFL on a fairly regular basis (maybe 5% of page loads).

Anyone else getting these?

FWIW, refreshing usually brings up the page.
 
After a significant delay or within 20 seconds or so?

I haven't noticed anything, but it would explain some other things...
 
> After a significant delay or within 20 seconds or so?

Oddly enough, no.

On Firefox, if I'm paying attention I can see the page start to load and then immediately flash to the Connection Reset error page.

Total time from click to error is less than five seconds.

I am not getting this error with other sites. It may well just be my machine or connection, but I thought I'd see if others were noticing a problem. I've seen a bunch of multiple posts that might be caused by a similar error (post is submitted, connection is reset, poster doesn't think post was submitted, page refreshed, post is resubmitted).
 
I have a sneaking suspicion the firewall isn't natting connections reliably. Will look into it.
 
The new colo has some aggressive network filters. It's possible you're inadvertently tripping one. When it happens again, get an accurate timestamp (plus timezone), and pm me that and your ip (if different from the one you used to post these last few messages) and I'll ask the colo people to check.
 
Just had a handful of these errors. Sent you a PM or two. Hopefully two.

Got another one when trying to load the Reply screen here.
 
Has anyone else noticed occasional connection resets?


I sent the info to the colo for them to check. There's nothing relevant in the apache error log.

Assuming they claim it's not a firewall issue, can you run a packet sniffer and log traffic to/from tfl until it happens again?

I'm running tcpdump on the server for your ip. If you can get a packet log from your side and a rough timestamp (just note the url and rough time and I can get an accurate timestamp), comparing the two logs should conclusively resolve whether the firewall's at fault.

Even without the log, given another timestamp we can at least find out if the tfl server is the culprit. There just won't be any evidence that the colo's firewall is sabotaging the connection.

There are other strange network lags/disconnects with the server, but I haven't noticed anything of that sort on the website.
 
> Assuming they claim it's not a firewall issue, can you run a packet sniffer and log traffic to/from tfl until it happens again?

Sure thing. Running EtherDetect filtered for TFL's IP right now.

> I'm running tcpdump on the server for your ip.

Argh! Big brother! Big brother! ;)

> If you can get a packet log from your side and a rough timestamp (just note the url and rough time and I can get an accurate timestamp), comparing the two logs should conclusively resolve whether the firewall's at fault.

You got it. I'll PM you if I get another one of those disconnects.
 
Your firewall seems to be broken.

You got two TCP resets 6 seconds after the http request, and they weren't sent by the TFL server. 15 seconds after the http request, the TFL server got a RST out of the blue, with reset cause given as "ehnc", documented here:
http://72.14.209.104/search?q=cache...T.pdf+sonicwall+ehnc&hl=en&gl=us&ct=clnk&cd=2

The response to any given page request has a half dozen or more tcp fragments. In this case, one of them got lost (seq num 5841 is missing, the next one you got was seq 7301 in packet 1968 in your log).

SonicWall must have decided, inappropriately, that a missing tcp fragment constituted a Breach of the Peace, and proceeded to wreck the connection by sending a RST to your machine. After it closed its connection, the firewall dropped the connection from its connection table, and when TFL retransmitted the lost fragments, it got a RST with the "ehnc" message.

If there's a newer sonicwall firmware than you're using, try upgrading.
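
The two-capture comparison described in the post above, as an added sketch that is not part of the original thread: it flags RSTs one side received that the other side's capture never sent, and finds the hole in the received sequence space. The IP addresses, timestamps, and RST sequence values are constructed, and both logs are assumed to be already reduced to relative sequence numbers.

```python
from collections import namedtuple

# One captured TCP packet, reduced to the fields the comparison needs.
Pkt = namedtuple("Pkt", "t src dst seq flags length")

CLIENT, SERVER = "198.51.100.7", "203.0.113.10"  # constructed documentation IPs
MSS = 1460  # 7301 - 5841, the segment size implied by the post

def seg(t, seq, flags="A", length=MSS, src=SERVER, dst=CLIENT):
    return Pkt(t, src, dst, seq, flags, length)

# Constructed server-side capture: six segments sent, one retransmitted at
# +15 s, and a RST that arrives claiming to come from the client.
SERVER_LOG = [seg(0.2, s) for s in (1, 1461, 2921, 4381, 5841, 7301)] + [
    seg(15.0, 5841),
    Pkt(15.0, CLIENT, SERVER, 0, "R", 0),
]
# Constructed client-side capture: segment 5841 never arrives, and two RSTs
# show up at +6 s carrying the server's address.
CLIENT_LOG = [seg(0.3, s) for s in (1, 1461, 2921, 4381, 7301)] + [
    seg(6.0, 5841, "R", 0),
    seg(6.0, 7301, "R", 0),
]

def unsent_resets(receiver_log, sender_log, sender_ip):
    """RSTs the receiver saw from sender_ip that sender's capture never emitted."""
    sent = {p.seq for p in sender_log if p.src == sender_ip and "R" in p.flags}
    return [p for p in receiver_log
            if p.src == sender_ip and "R" in p.flags and p.seq not in sent]

def sequence_gaps(log, sender_ip):
    """Byte ranges of sender_ip's stream missing at this capture point."""
    segs = sorted({(p.seq, p.seq + p.length) for p in log
                   if p.src == sender_ip and p.length and "R" not in p.flags})
    gaps, expected = [], segs[0][0] if segs else 0
    for start, end in segs:
        if start > expected:
            gaps.append((expected, start))
        expected = max(expected, end)
    return gaps

if __name__ == "__main__":
    print("lost before client:", sequence_gaps(CLIENT_LOG, SERVER))
    for p in unsent_resets(CLIENT_LOG, SERVER_LOG, SERVER):
        print(f"RST at +{p.t}s seen by client, never sent by server")
    for p in unsent_resets(SERVER_LOG, CLIENT_LOG, CLIENT):
        print(f"RST at +{p.t}s seen by server, never sent by client")
```

A RST that appears in only one capture was generated somewhere on the path between the two capture points, which is the evidence the post uses to attribute it to the firewall.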
 
Charlie? Ya really don't want to know!
Know what? That he's got transistors instead of neurons and thinks in binary? :D

Just kidding Tyme! You're one sharp cookie and I'm envious :) .

Back when DOS was Boss, and Veronica and Archie were more than comic book characters, I was halfways sharp at this stuff (I still use DOS for a lot of things), but I just couldn't keep up with it. Today, I'm so far behind I could never catch up. Besides, the mind just ain't as sharp when you're pushing 60 :( .
 
Capt Charlie said:
That he's got transistors instead of neurons and thinks in binary?
Reminds me of the old sigline: There's 10 kinds of people. Those who know binary and those who don't.
 
Thanks, Tyme! Sorry to burn so much of your ... er ... time.

We're moving offices in a few weeks and after we get settled in I'll rebuild the firmware on our firewall.
 