Every so often, at some time later (usually less than 30 minutes), the server publisher stops working. I started running Wireshark on the NIC and the inbound traffic is definitely still there. Then I started doing a 'netstat -an' and noticed that the nic:3074 UDP * listener disappears at the same time the published server stops working. I would have to disable and then re-enable the publish rule to get the server to receive inbound traffic again.
Has anyone seen something similar, where UDP listeners stop listening for some reason? Any help would be appreciated.
I do not believe it's being flooded. But, are you suggesting that the IP stack may be flooding and causing the UDP listener to drop that port? It may very well be; I have to run some tests to find out.
But, are you suggesting that the IP stack may be flooding and causing the UDP listener to drop that port?
Yep, or ISA is dropping it. If you have IDS enabled, it could be considered a UDP bomb or attack? Anything showing in the ISA logs and Dashboard alerts? Non-TCP connection limits could be set too low?
I checked the IP connection limits; they were set at the defaults, 1000 and 160. I increased them to 10000 and 16000, and the UDP listener still disconnects after a while. There were no alerts in the dashboard or alerts to indicate any kind of intrusion. Then I ran Wireshark on the port, and during the times the disconnect happens, there was not much traffic going to the UDP listener. About 60 packets/second. At this point, I don't know where to look next. If you have any ideas, I'd appreciate it.