
Issue Connection issues from one ISP

Pat Brown

New Pleskian
To start, we are a software development company. We house many websites for ourselves and customers on Windows IIS. We have added a Linux server with Plesk to house WordPress sites for customers.

The problem. From my office I have connection issues to any website on the Plesk server, including the control panel or default site. Also none of our customers can connect after they connect to our VPN. Not sure if this is related. Although this is the only server that can't be accessed while on the VPN.

When I try to connect to a website I get a timeout on my web browser. On the server I get one line in the log:
2021-06-19 09:22:26 Access 207.119.194.xxx 301 GET / HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 5 nginx access

After that I get no more logs and it times out in the browser.

The testing I've done so far. I created a simple webpage on one site with one word in it. Just "test". No HTML code at all. It displays if I connect with http, but not if I connect with https. I can access the server through SSH with no problems. I don't have problems with any other server on that IP range, Windows or Linux. I have moved a standard Linux/Apache server onto this IP address and can connect with no problems. I have also moved this server both to another IP address on this network and an IP address on another network (we have 4). The problem always follows this server. I have checked fail2ban. It's not reporting any banned IP address. (This server doesn't have much activity yet.) I also added my IP as a trusted IP just to be safe, but still no luck.

I have also checked with my neighbors and they have the same issues connecting. But the rest of the world connects with no problems.

What else can I check? Any ideas would be appreciated.

Thanks in advance.
 
I looked at tcpdump on the server. There are entries for the bad connections. I am not really sure what it all means, but it is connecting. I can obscure the addresses and post the logs if that would help.
 
Thanks for the list. I have done those tests. Also I forgot to mention that no one in my small town can connect to it either. I have tried to contact the ISP, but it's <I'm not sure if we're allowed to name names>. They are the worst provider I have ever had the displeasure of working with. Unfortunately they are the only option in our small town. When you contact them with a problem they don't want to deal with, they just hang up on you. I have had them hang up multiple times on this and other issues, both on the phone and the online chat sessions.

But I still believe this to be a Plesk issue. Here's why. I can connect to any other server on all 4 of our networks with no other problems. Also I can connect to this server through SSH and stay logged in for days at a time with no issues. I am making the connection on websites because my IP shows up in the logs and tcpdump. But somewhere between connecting and displaying the page on my browser it dies and times out.

I have done some more testing on the VPN issue mentioned above and it turns out the same pattern exists there also. I can connect to websites on any server except this one. Both Linux/Apache and Windows/IIS. It's only the Plesk server that has problems.

Also, I have found that I cannot connect from some internal pathways either. I.e., if I pull up a browser on 192.168.5.xxx and point it at 192.168.1.39 (the Plesk server) it should display the Plesk landing page. But it doesn't. These data centers are connected through an internal VPN that has no other issues that I'm aware of. If I pull up a browser on 192.168.1.xxx it will display. Again, this is the only server that has this problem and SSH works fine. If I point 192.168.5.xxx to the public IP or a domain name it will display. So that's weird.

I'm sure there are other people affected by this. If I thought it was truly just me and my little town, I wouldn't be worried about it. But I am convinced this is a Plesk issue.

I feel like I'm being a pain, but I'm really not trying to be. I really do appreciate all the input. Thank you.

Any other ideas?
 
I looked at tcpdump on the server. There are entries for the bad connections. I am not really sure what it all means, but it is connecting. I can obscure the addresses and post the logs if that would help.
Were there only incoming packets, or outgoing too? That the log shows a 301 means the TCP and SSL negotiation must have succeeded somehow ...
Try connecting with lynx or wget and see what happens. Especially interesting is whether the caller gets the 301 redirect, and where that points to.
 
Sorry for the delay. I figured out the 301. The domain I was using as a test automatically redirected to https. Sorry for the confusion. That was my bad.

For this new set of tests there will be no https involved. And the domain names/IP addresses have been changed to protect the guilty.

The first test is a simple html file that only contains one word: "test". No html or anything else. I have noticed several times that this will work.

What follows is the output from tcpdump on the server and then the output from wget on the client.

See texttest.png

Everything on this is working as it should.



Now we move to the problem. The timeouts happen anytime I try to pull up a website with anything except basic test on it.

This is the output from trying to access the Plesk landing page on the server.

See plesklandingpage.png

This one times out.

I'm really confused by this line:

customer.isp.dns.server > server.dns: ICMP customer.dns unreachable - need to frag (mtu 1492), length 60

I'm confused for two reasons. 1.) It doesn't show up in the working section. And 2.) The server can ping this address and the customer address with no problems.

Thanks again for your help so far.
 

Attachments

  • plesklandingpage.png (171.1 KB)
  • texttest.png (124 KB)
Hm. The server tries to send a packet of size 2880. Suspiciously, this is twice as much as normal (and what the server falls back to after it receives the "fragmentation needed" message).
What does ifconfig say about your MTU? - And on the servers where it works?
 
The MTU on the Plesk server is set to 1500. I checked the other Linux servers and the workstation I used remotely to test with. They are all set to 1500.

Does that give you any useful information?
 
Could you try lowering the MTU on the server (ifconfig <interface> mtu 1492) and see what happens?
 
Also still the same ICMP fragmentation needed? If so, try an even lower value, like 1440. If it still needs to frag then I'm out of ideas.
 
Yep, still the same ICMP fragmentation. I also tried 1440 and got the same results.

Thank you for your help. It took you longer to run out of ideas than it did for me.
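
Added example, not part of the thread and not posted by any participant: a Python script that reads `tcpdump -n` text output and reports, for each destination named in an ICMP "need to frag" message, the advertised MTU, the largest TCP payload sent to it before and after the first such message, and how many segments were retransmitted afterwards. The capture is a constructed sample using documentation addresses; the function name `pmtu_report` and the 40-byte header overhead are assumptions of this example.

```python
import re

# Constructed sample in `tcpdump -n` text format (documentation addresses,
# not the capture from the thread): 203.0.113.10 is the web server,
# 198.51.100.7 the client, 192.0.2.1 the router reporting the smaller MTU.
SAMPLE = """\
10:00:00.000100 IP 198.51.100.7.51234 > 203.0.113.10.80: Flags [P.], seq 1:121, ack 1, win 229, length 120: HTTP: GET / HTTP/1.1
10:00:00.000900 IP 203.0.113.10.80 > 198.51.100.7.51234: Flags [.], seq 1:2881, ack 121, win 227, length 2880: HTTP: HTTP/1.1 200 OK
10:00:00.031000 IP 192.0.2.1 > 203.0.113.10: ICMP 198.51.100.7 unreachable - need to frag (mtu 1492), length 60
10:00:00.031400 IP 203.0.113.10.80 > 198.51.100.7.51234: Flags [.], seq 1:1441, ack 121, win 227, length 1440: HTTP
10:00:00.062000 IP 192.0.2.1 > 203.0.113.10: ICMP 198.51.100.7 unreachable - need to frag (mtu 1492), length 60
10:00:00.262000 IP 203.0.113.10.80 > 198.51.100.7.51234: Flags [.], seq 1:1441, ack 121, win 227, length 1440: HTTP
"""

# TCP data line: destination address, sequence range, payload length.
TCP = re.compile(r"IP \S+ > (\S+)\.\d+: Flags \[[^\]]*\], seq (\d+:\d+),.* length (\d+)")
# ICMP "fragmentation needed": unreachable destination and next-hop MTU.
ICMP = re.compile(r"ICMP (\S+) unreachable - need to frag \(mtu (\d+)\)")

def pmtu_report(capture, overhead=40):
    """Summarise how the sender reacted to ICMP 'need to frag' messages.

    overhead is IP + TCP header bytes without options (an assumed lower
    bound), so a payload above mtu - overhead cannot fit in one packet.
    """
    report, segments = {}, []
    for line in capture.splitlines():
        if m := ICMP.search(line):
            dest, mtu = m.group(1), int(m.group(2))
            r = report.setdefault(
                dest, {"mtu": mtu, "icmp": 0, "first_icmp": len(segments)})
            r["icmp"] += 1
            r["mtu"] = min(r["mtu"], mtu)
        elif m := TCP.search(line):
            segments.append((m.group(1), m.group(2), int(m.group(3))))
    for dest, r in report.items():
        cut = r.pop("first_icmp")  # index of first segment seen after the ICMP
        before = [s for s in segments[:cut] if s[0] == dest]
        after = [s for s in segments[cut:] if s[0] == dest]
        r["max_payload_before"] = max((s[2] for s in before), default=0)
        r["max_payload_after"] = max((s[2] for s in after), default=0)
        r["oversize_after"] = r["max_payload_after"] > r["mtu"] - overhead
        seqs = [s[1] for s in after]
        r["retransmits_after"] = len(seqs) - len(set(seqs))
    return report

if __name__ == "__main__":
    for dest, summary in pmtu_report(SAMPLE).items():
        print(dest, summary)
```

A capture taken on the sending host can show payloads larger than the interface MTU when segmentation offload is enabled, because tcpdump sees the data before the NIC splits it into MTU-sized packets.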
 