[ale] Ftp troubles

Robert E. Karaffa, II rkaraff at emory.edu
Thu Feb 21 18:15:38 EST 2002 

Hi folks,
    We're experiencing some troubles with ftp here at Emory.  I set up a
Mandrake box to serve web, ftp and AppleShareIP.  It's in the 170.140.n.n
domain.  Our clients transfer data to/from it from everywhere, on campus and
off.  Mostly on campus.  Emory has its network broken up into three main
domains:  the one above, 163.246.n.n, and another I can't remember.  Here's
what I'm seeing:

-ftp server is ProFTPD v1.2 (Mandrake 8.0, kernel 2.4)
-data transfer interruptions resulting in loss of connection
-error messages (connection was reset by server, connection timeout)
-I've seen these problems myself, and my clients have as well.

I've had a look at the logs for the server (syslog and daemon logs) and
don't see anything that would point to the problem.  Now, having said that,
we've seen some network trouble here at Emory in the 163.246.n.n domain.
Earlier this week, my ftp transfers were fine.  Tues morning, suddenly I
could connect to my server (or any server anywhere in the world) but was
immediately disconnected, or I would get a "connection reset by server"
message.  After discussing it with our IT folks, we thought it was a local
problem (meaning that it was the ftp clients on our lab Macs).  However,
seeing as how it was happening to 4 Macs all at the same time lead me to
believe that it was more a network problem.  At first, trashing the ftp
client's preferences file seemed to fix it, so we thought "case closed".  I
did some further testing and discovered that it was a problem with passive
mode transfers.  Formerly, I had all the ftp clients set to use passive.
Suddenly, it didn't work anymore.  The IT guys tell me that they experienced
some firewall problems earlier this week, but that it was now OK.  So, off I
go thinking that it was fixed.  Wrong.  Today, I find that non-passive mode
now does not work, but passive mode does.  Further self-education reveals
some stuff about passive mode (from the Mac ftp client Fetch docs:

Use passive mode transfers (PASV) -- If this box is checked Fetch will
initiate data connections, rather than asking servers to connect back to
your Macintosh.  Some company firewalls prevent incoming connections, and
this option makes it possible to use Fetch behind those firewalls.


Ok, so it turns out (I'm pretty sure) that our firewall problems were the
culprit.  Passive mode now works like it did before, however I'm still
seeing hangs and data transfer timeouts.  Anybody got any ideas?  I'm
checking the ProFTPD.org site but haven't come across any hints yet. (whilst
typing this note I got a "Server response:  Can't build data connection:
Interrupted system call" error message during a 2.3Gb transfer.  Hmmmm.....)


-Bob K.
-- 
**************************
Robert E. Karaffa, II
Technical Director
Emory University
Flow Cytometry Core Facility
1365 B Clifton Rd., Room B5133
Atlanta, Ga 30322
voice: 404/712-4429
e-mail: rkaraff at emory.edu
**************************


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list