sunhux
asked on
troubleshooting dropped ftp connection via a leased line with Cisco routers
I have a point to point leased circuit link : both ends are Cisco 25xx routers.
Files transfer is initiated (put & get) from my end (a Linux) to a remote
Windows box (no other boxes at both ends can do files transfer :
restricted by routing / firewalls)
I've been facing intermittent ftp connection drops while a files transfer
is in progress & MRTG showed occasional bandwidth spikes that could
approach the max bandwidth.
Assuming I have no control over the remote end's cisco router & the
remote end Windows box, what's the best way to troubleshoot this?
a)I thought of running Linux "iftop" continuously on my Linux box to
see what kind of traffic is passing thru the link
b)what about mirroring a port on the switch which the cisco router at
my end connects its sole LAN link to? How do I configure this 36xx
cisco switch port for mirroring & how do I capture its traffic
What other things I can do narrow down this occasional "ftp connection
closed" in the midst of a files transfer (weirdly it can happen at 4am when
I don't expect much traffic) & the occasional spikes.
Would "show interface" on the cisco router reveal bad Telco links issue ?
ASKER
Is there a tool in Redhat Linux that's the equivalent of Solaris'
snoop
I'll probably do " snoop -d lan_interface | grep destination_addr_of_remote
& save into a file
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
> 426 Connection closed; transfer aborted.
Which are the logfiles (kindly provide directory & filename in my Linux ftp
client box & the remote end's Windows ftp server box) that I can look at
to investigate the above kind of sudden ftp connection abortion in the midst
of transfer. I have dozens of ftp transfer per day & after that 2 failed transfer
at about 4+am, all subsequent transfers are Ok.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Is there any option / parameter to for tcpdump to run only for a duration of time as
I'm afraid the logs will overgrow.
I plan to put in in a script & use nohup script_name &
so that tcpdump runs in background but I'll need to run
it for the next 24 hrs only
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you can also use the -c option with tcpdump to specify a maximum number of packets to be captured, then exit.
-Jon
-Jon
ASKER
Thanks very much.
I've decided to use
tcpdump -c 999999 -s 0 -i any host destination_IP_addr
as -n, -x & -X gives quite some complicated outputs.
Will close this thread.
Once I got the outputs, will raise another thread/question for analysis
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent, thanks very very much
ASKER
The error of the ftp failure appended below:
=========================
(username) Verbose mode on.
Interactive mode off.
Local directory now /abc/temp
250 CWD command successful.
200 Type set to I.
local: file1.dat remote: file1.dat
227 Entering Passive Mode …………………
125 Data connection already open; Transfer starting.
426 Connection closed; transfer aborted. ß---------
27815 bytes sent in 0.354 secs (77 Kbytes/sec)