Koozali.org: home of the SME Server

SME 10 Network problems with some sites (ie Guildwars 2, EPIC)

Offline lc_lol

  • 12
  • +0/-0
Hello,

After having made a fresh install of SME10 on my Zotac ci329 Nano (gateway+server), I've experienced weird network bugs : connection errors to some sites and services, such as Guid Wars 2 or EPIC. I've tried to reistall from scratch, while changing some parameters, it didn't solve the problems, while some other appeared from time to time (after a reboot I wasn't able to access my second router web interface - address 192.168.1.1:80 - so I thought it musn't be the firewall...- then it worked again after rebooting, then not, etc...).

I spent hours trying to find errors in the logs or dmesg, but didn't find anything related to this problem. I've searched on the forum, tried to disable iptables (https://forums.contribs.org/index.php?topic=40149.0) and to change the Realtek 8168 driver (https://forums.contribs.org/index.php/topic,54579.msg286155.html#msg286155), no solution.

I've reinstalled the previous hard disk with SME 9.2. Everything is fine.

I don't know if I should report that on the budgtracker. If so, don't hesitate to tell me.

Thanks for your help

Offline Jean-Philippe Pialasse

  • *
  • 2,747
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #1 on: August 29, 2021, 08:39:09 PM »
first for sure disabling firewall won’t help. as highlighted by Charlie in the same thread you point this is not a smart move. SME firewall is really user friendly in term of what it allows, and is just there to make thing secured if you are using server only, and to allow NAT to work on top of that if you are using server gateway mode.

Quote
my second router web interface - address 192.168.1.1:80
stating you use a server gateway this lead to the question please draw us your network because it sounds like a double NATing situation.
If you want to play with that you need to know what you are doing and able to configure every routing issues you are putting in place. 
also port 80 to administer a router seems pretty insecure in 2021.


also not that random questions, what returns those 3 commands
Code: [Select]
rpm -qa |grep samba
config show dnscache
lspci| grep -i eth

Offline lc_lol

  • 12
  • +0/-0
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #2 on: August 29, 2021, 09:33:34 PM »
First of all, thanks for your fast answear :)

first for sure disabling firewall won’t help. as highlighted by Charlie in the same thread you point this is not a smart move. SME firewall is really user friendly in term of what it allows, and is just there to make thing secured if you are using server only, and to allow NAT to work on top of that if you are using server gateway mode.

I did it on purpose, just to check that firewalling wasn't the cause. Indeed, it wasn't :)

Quote
stating you use a server gateway this lead to the question please draw us your network because it sounds like a double NATing situation.
If you want to play with that you need to know what you are doing and able to configure every routing issues you are putting in place. 

As a matter of fact, triple-NATing. From WAN to LANs : my ISP Box is set as router, subnet 192.168.0.x then a router/firewall shares connections to wifi and SME on 192.168.1.x subnet, the SME server is on the last subnet. Yes, I'm a bit paranoid, but I don't wanna mess Wifi and SME Lan-side.

I don't pretend I masterize that, but I've been working with that configuration for about 15 years, and never had to do anything more than managing redirections on the different routers.

I had forgotten to say that in my different tests I've tried a direct link between the SME server and the ISP box (with proper IP configuration) and the problems were the same.

Quote
also port 80 to administer a router seems pretty insecure in 2021.

Once again, I had opened it for this testing purpose :)

Quote
also not that random questions, what returns those 3 commands

I'll get back to you as soon as possible with these :) I expect I'll have time to plug the newer disk in the next days.

Thanks again :)

Offline Fumetto

  • *
  • 874
  • +1/-0
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #3 on: August 30, 2021, 01:21:56 AM »
I have this hardware with PfSense on it. I had a big stability problem, sometimes it didn't boot, sometimes it crashed, fixed by updating the bios. And btw SME with one HDD/SDD is not good (my 2 €c)... :-)

Offline lc_lol

  • 12
  • +0/-0
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #4 on: August 30, 2021, 08:20:36 AM »
I have this hardware with PfSense on it. I had a big stability problem, sometimes it didn't boot, sometimes it crashed, fixed by updating the bios. And btw SME with one HDD/SDD is not good (my 2 €c)... :-)

Thanks, BIOS update is a good idea, I thought I had a recent BIOS but looking at Zotac site, there have been many updates on the last months. I'll update it before making the tests.

I know my installation is not exactly what's recommended, and "some day" I'll do better  :) But for the time being it just corresponds to what I need (totally silent server, low power consumption, no space occupation), all I'd like to do for the moment, is update from my working SME 9.2 to (possibly working  :-D) 10 

Thank you all, once againn, for your kind answears :)

Offline mauro

  • ***
  • 101
  • +0/-0
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #5 on: August 30, 2021, 09:54:15 AM »
Did you try to disable and then re-enable the HTTP proxy from the server manager?
All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer.
-- IBM maintenance manual (1975)

Offline lc_lol

  • 12
  • +0/-0
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #6 on: August 30, 2021, 07:25:13 PM »
Did you try to disable and then re-enable the HTTP proxy from the server manager?

As weird as it seems, that's the solution :shock: ! If you have any explanation, I'll read it with the best possible attention  :-)

Thanks again, and by the way, this made me update the BIOS... The last version adds TPM support... Well, installing Windows 11 on this machine is far from my intentions, but, well, it's done  :P

@Jean-Philippe : I suppose this won't be useful, but just in case, this is the output of the commands you asked :

Code: [Select]
[root@xxx ~]rpm -qa |grep samba
samba-common-4.10.16-15.el7_9.noarch
samba-libs-4.10.16-15.el7_9.x86_64
samba-4.10.16-15.el7_9.x86_64
samba-common-libs-4.10.16-15.el7_9.x86_64
samba-common-tools-4.10.16-15.el7_9.x86_64
samba-client-4.10.16-15.el7_9.x86_64
e-smith-samba-2.6.0-23.el7.sme.noarch
samba-client-libs-4.10.16-15.el7_9.x86_64

Code: [Select]
[root@xxx ~]config show dnscache
dnscache=service
    Forwarder=192.168.1.1
    TCPPort=53
    UDPPort=53
    access=private
    status=enabled

Code: [Select]
[root@xxx ~]lspci| grep -i eth
01:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0c)
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0c)

Once again, thank you all for your help :) Just to be sure I don't leave anything bad from my tests, I'll get a clean reinstall. :-)

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: SME 10 Network problems with some sites (ie Guildwars 2, EPIC)
« Reply #7 on: October 18, 2021, 09:02:14 PM »
And btw SME with one HDD/SDD is not good (my 2 €c)... :-)

Unless on a VM on RAID system it is a very bad idea (same with any server) and even with ood backups I would never recommend it.

Drives are cheap and plentiful. Enjoy.
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation