?
Solved

Network analysis wireshark

Posted on 2011-09-09
5
Medium Priority
?
224 Views
Last Modified: 2012-05-12
Hello people,

I'm analysing some traffic between my mail server and gmail...
I'm having some problems when receiving emails with attachments from gmail server and others domains...

when I look into tcpdump log, I can see that comunication starts, but few time later it begins to have problems...

the comunication stay at the same SEQ=1096
after some time restart the comunication then it stay at de seq=1096 and show the errors..

 analysis 1 analisys 2 analisys 3
someone can help me identifing the source of problems?
0
Comment
Question by:jgiannerini
  • 3
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
hvillanu earned 1000 total points
ID: 36517709
Hi,
On simple view, there's a mail rules issue, not network trouble...
Do you have some MIME-type filters on mail server or firewall?
Have limitations configured for download size on mail server?

Try with "controlled" test environment... your own gmail account and your corporate mail account, with well know attached files on a low traffic time. Perhaps on the night.

-hope helps-
0
 

Author Comment

by:jgiannerini
ID: 36522283
I have mailscanner running with postfix.
There is a limitation for download fixed in 20MB, these test messages have less than 5MB.

I have this problem only with gmail and some others domains.
I've tested with a friend and his message with 8MB attachments was received too fast.

I'm troubleshooting network connection and I got some issues about routes.
I have two links and this relay is receiving from one link and going out through the other link...
0
 
LVL 5

Expert Comment

by:hvillanu
ID: 36523388
Hi,

What means with route issues? do you already check routing table?
Also have IPtables/or similar on the mail server to route or just use the gateways to do the job?

Your server can successfully send mails with attached files at gmail accounts?
The others domains also have secure/custom ports on their mail servers as gmail?
Do you already validate that your domain can be resolved by DNS and is Not on a Blacklist?
0
 

Assisted Solution

by:jgiannerini
jgiannerini earned 0 total points
ID: 36524383
It was a problem with route and nat.
The mail server was receiving from link1 and try to establish comunication with link2.

I'm studing a way to rebuild the routing table and all acls within my cisco router...

thanks it's working now!
0
 

Author Closing Comment

by:jgiannerini
ID: 36553470
thks
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question