[SOLVED] Cannot check externally hosted email

[christian]

Do you mean that issue occurs with iMAP only while connecting to port target server on port 143? (and also VPN)
BTW did you look at logs in /var/log?
look at syslog and mail.error

To recap: you can connect (firewall is not preventing connection on port 143) but connection is not stable enough to permit reading messages, correct?
Just curious, what was you internet access made of, prior Zentyal 2.2 installation?

[vmajor]

Thanks for persevering Christian :-)

I am not sure at what point the issue occurs. I can only say the following about the current Thunderbird experiment:

1. Thunderbird correctly set up the email account just by me providing the email address and password. It managed to interrogate the mail server and obtained the correct mail server IMAP and SMTP settings. Thus communication at this stage was two way.

2. Thunderbird can open the IMAP mailbox and obtain the listing of available IMAP folders.

3. Thunderbird is unable to obtain the list of emails in any of the visible IMAP folders in the said IMAP mailbox.

4. I am thoroughly confused.

Recap (besides the above): Firewall is not preventing connection to 143. I am not sure of the stability of connection, I do not observe any other connectivity issues with anything else. Prior to Zentyal it was the D-Link consumer gateway DI-524 (not DI-612 as I wrote earlier in the thread)

Logs: syslog shows nothing useful, mail.err is empty. The only log that seems related and has something perhaps noteworthy is zentyal.log that has this to say:

Code: [Select]

2011/10/13 13:43:30 INFO> Service.pm:716 EBox::Module::Service::restartService - Restarting service for module: firewall
2011/10/13 13:43:30 WARN> Configuration.pm:110 EBox::Monitor::Configuration::RRDBaseDirPath - Neither /var/lib/collectd/rrd********/ and /var/lib/collectd/rrd/*********/ still exists. Did Collectd never run?

This error keep repeating every 6 minutes or so.

V.

[christian]

Shall I understand that firewall module restarts every 6 minutes?  which would break any connection requiring more than this amount of time  .
Better let Zentyal experts answering here... 

Do you have issue with you "monitor" (or "log?") module ? If yes, may I suggest to stop it at least for test purpose?

[vmajor]

...yea that is what it looks like. Every 6 minutes, like it is a cron job, the firewall appears to restart.

The log module worked for most things, except for the firewall. I disabled it now.

Another thing I noticed, and it may shed light on this bizarre situation. I cannot connect to our website, cpanel, or whm on the same domain where the IMAP mailbox is hosted. The websites and IMAP are reachable when I use a different connection not managed by the Zentyal box (3.5G on my N900). Thus this also seems to be a DNS issue.

...well I removed the DNS module entirely, but I still cannot reach our VPN. Traceroute is normal, even the mentioned website is reachable, but just like IMAP...they time out after the first ... handshake. It is as if to this domain in particular, the connection is ultra unstable.

The firewall is still doing its suicide/resurrection thing.

I am beginning to feel like this guy on the front page of the commercial site:

[vmajor]

I am now noticing more URLs failing to load, or complete loading. I now think that there may be issues with the PPPoE gateway functionality of Zentyal 2.2.2.

From observation the WWW connection fails if there is a "large" number of requests made. Simple web pages load, complex ones with many fetch requests hang and time out. This is now happening 100% of the time.

I will attempt a reboot to see if that helps the situation after the module cleanup exercise. If reboot fails, it is back to the trusty old (9 years) DI-524 as a gateway.

V.

[christian]

You are brining in very interesting new inputs and I like your picture. Funny  although I understand it can be very frustrating for you 

1 - I don't think removing DNS helps. Well, it depends how you are using it: without internal DNS, requests will be made, by clients on LDA, directly to internet. Not that efficient... This leads me to one question: could you please describe with more details what you have on your side?
I understood you run Vyatta box. How is it stacked? What are services provides by what? I mean here that you may have conflicts in term of firewall, route or anything else we do not suspect for the time being.
something like:
internet <--> Vyatta <--> Zentyal <--> switch <--> clients ?
2 - is Zentyal running in virtualized environment?
3 - What if you connect to this web site directly from Zentyal server.

oh! I notice you've added some new comments: so it fails with almost everything... what is your network adapter on Zentyal box?

[vmajor]

I am now back on the DI-524 as a PPPoE gateway and my sanity returned. It all works again.

Topology here in the office:

Internet --> DI-524 gateway --> LAN 8 port switch --> networked PCs, WAP, printer, Zentyal 2.2.2 box

Vyatta et. al. are not in the office, but at our other location.

Desired, but failed topology was:

Internet --> Zentyal 2.2.2 gateway --> LAN 8 port switch --> networked PCs, WAP, printer

Summary: Zentyal 2.2.2 PPPoE functionality has issues. I am not sure at which point it fails and if it is due to some interaction with some other module.

Thus, do I get a t-shirt now?


V.


EDIT: just saw the network adapter part, yes good point.

eth0 "external" is add-on NIC based on Realtek RTL8139c
eth1 "internal" is on the motherboard, nVidia something, seems to work well as we have no issues with file serving

It may be that eth0 is flaky, however it used to function as external NIC on a standalone Vyatta box before I virtualized it in another machine. It used to work.

[vmajor]

One more bit of info for Zentyal devs if they choose to look here.

loggerd takes up all available CPU cycles even though it has not crashed. I can still look up the DHCP log through the admin site.

It behaves quite well actually. It truly only takes up all available cycles, ie. when another process wants some CPU time, loggerd CPU utilisation as a percentage in top goes down.

V.

[christian]

Something wrong with loggerd..?
You can still disable log module so that is doesn't impact other tests.

Realteak adapter... search in this forum: someone else faced similar problem with such adapter brand and fixed it replacing his adapter with another one. I faced the same some month ago and this was not due to adapter itself (I mean hardware) but the way linux kernel handles it. So if you can try with another model, just do it as this may help understanding what's wrong here.

[vmajor]

yea, loggerd has an issue. I disabled it now. It exited politely. As I said, not a crash, it just seems to get stuck somewhere and it really, really wants to do its job...or something.

Regarding a NIC, yes I am already planning to find a replacement. May get one over the weekend. Any recommendations on the chipset, top of mind, not asking you to trawl the forums or the interweb for me... :-)

V.

[christian]

No... anything but Realtek ? 
Or temporarily switch internal and external interfaces (eth0, eth1)

[vmajor]

OK it is not the NIC. I now have a D-Link DFE-530TX (reported as Via VT6105/VT6106S [Rhine-III]) configured as eth2 and the problem with our VPS in particular persists. The other NIC has been removed so now there are only eth1 and eth2.

It seems to be some kind of corruption somewhere with something in Zentyal 2.2.2

Our VPS is hosted by www.inmotionhosting.com and I cannot even reach their website when the Zentyal box is the gateway.

With other sites they time out when fetching outside content.

What I am experiencing reminds me of my visit to China and running into the great firewall. The connection is made, but the content never arrives. It appears as if my Zentyal box has content filtering enabled and that it hates inmotionhosting.com and about 30% of WWW content. For example many web pages stop loading on 'connected to connect.facebook.net...' Funnily enough, I can access Facebook itself without a problem.

Engadget, the beast of a site, mostly loads, hanging at 'connected to s2.wp.com...' but it is clearly asychrnous so this failure only results in the loading indicator forever spinning, until it times out.

It is now failing to load many sites (could be getting progressively worse?) so I am not able to troubleshoot using the all mighty Google as some promising links fail to load. This one for example: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk36267 (cannot load it so I apologize if it is inexplicably NSFW)

Chromium is also affected by this...as is IMAP of course, so it is not an application setting, and it is not a client firewall setting since all of these sites are accessible once I fall back the D-Link DI-524 as a gateway.

Looking at processes that pop up when I refresh a page that refuses to load, I see 'squid' even though it is not even installed according to Zentyal admin page.

Anyway, I think that the problem is with the PPPoE setup, maybe MTU setting or who knows what...

I would like to use the Zentyal box as a gateway since one limitation of the DI-524 is that it is no good for routing traffic around the network so I cannot run a web portal/server on the Zentyal box to allow remote file access/uploading which is half the point of trying to set up Zentyal.

Things I have done and that did not fix the problem:

- manually remove squid via ssh
- install nscd and flushed dns cache
- ran pppoeconf

................Hallelujah! The just published Zentyal Networking module update 2.2.2 fixed this, whatever it was.

Prior to this I also noticed a profound lack of complaints from anyone else in the office (except for when they lose file or web access and hear me swearing) about connectivity issues. Only MY workstation was affected by this, whatever it was. Zentyal box was binning only my internet traffic and nobody else's.

Thus, SOLUTION: Install Zentyal Networking module update 2.2.2