Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1049
Views
0
Helpful
3
Replies

SMTP TCP-25 Keepalive Strange Behavior

a12288
Level 3
Level 3

‎09-06-2006 01:06 PM

We noticed CSS11501 are sending multiple keepalives to SMTP services (according to the SMTP server logs)

Sep 6 00:36:52 fedex sendmail[3908]: k864aqSN003908: [172.17.94.67] did

not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

Sep 6 00:36:52 fedex sendmail[3913]: k864aqWI003913: [172.17.94.67] did

not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

Sep 6 00:36:55 fedex sendmail[3928]: k864atMu003928: [172.17.94.67] did

not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

Sep 6 00:36:55 fedex sendmail[3953]: k864atKh003953: [172.17.94.67] did

not issue MAIL/EXPN/VRFY/ETRN during connection to MTA

Sep 6 00:36:55 fedex sendmail[3934]: k864atH8003934: [172.17.94.67] did

not issue MAIL/EXPN/VRFY/ETRN during connection to M

and SMTP server does not response those simultenous keepalive check, and on the CSS sides, the service has been keeping on flap between Active, Dying and Down, and it's happened only 00:00 - 06:00.

and here is the CSS parital configuration.

service FEDEX-25

protocol tcp

port 25

ip address 172.17.94.68

redundant-index 2568

keepalive type tcp

keepalive port 25

weight 5

active

CSS11501# sh service FEDEX-25

Name: FEDEX-25 Index: 32

Type: Local State: Alive

Rule ( 172.17.94.68 TCP 25 )

Session Redundancy: Enabled

Redundancy Global Index: 2568

Redirect Domain:

Redirect String: (null)

Keepalive: (TCP-25 5 3 5 )

Last Clearing of Stats Counters: 09/06/2006 14:06:21

Mtu: 1500 State Transitions: 3652

Total Local Connections: 983172 Total Backup Connections: 75

Current Local Connections: 4 Current Backup Connections: 0

Total Connections: 983247 Max Connections: 65534

Total Reused Conns: 0

Weight: 5 Load: 2

DFP: Disable

any comments would be appreciated.

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎09-06-2006 11:36 PM

the CSS is not configured to do an SMTP keepalive but simply to open the TCP connection and see if the server respond to the SYN.

Apparently, the server does not appreciate connection being opened and no data being sent.

You can try 2 things.

1- use a real SMTP keepalive.

The command is "keepalive type script ap-kal-smtp"

2- try to set the tcp-close type to fin instead of reset to see if the server likes this.

"keepalive tcp-close fin"

You can try command (1) or (2) and see if that helps.

Gilles.

0 Helpful

a12288
Level 3
Level 3
In response to Gilles Dufour

‎09-07-2006 04:55 AM

Thanks, Gilles.

Will try your recommendations, and how to check the CSS keepalive behavior? since the server logs shows CSS send 3 keepalive in a row.

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to a12288

‎09-07-2006 05:14 AM

you can capture a sniffer trace on the server to verify what the CSS is doing.

But I do not think it is sending 3 keepalive in a row.

Your timer is set to 5sec. So, you will probably see a SYN every 5sec.

Gilles.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents