Figuring out the reason for a "Connection timed out" error

linux centos firewall netscaler
6,072

Instead of looking into server logs, first make sure if the HTTP request arrives at your server or not via ;

tcpdump -nni any host 111.111.111.111 and port 80

As 111.111.111.111 being the remote IP. If you don't see anything once they initiate the connection, problem is at somewhere else. You may not see refused connections in a web server log file if it is somehow blocked at a lower layer.

Share:
6,072

Related videos on Youtube

Haluk
Author by

Haluk

Updated on September 18, 2022

Comments

  • Haluk
    Haluk almost 2 years

    For the last 24 hours two independent servers are having a hard time connecting to our web server. They are trying to open a port 80 connection.

    They are both receiving "connection timed out" errors. These servers are in two different countries. I'm waiting for tracert's from these servers.

    But in the meantime, I'm thinking the reason has to be with our own server or the netscaler in front it. Hosting company insists there is no problem with the netscaler.

    Where can I check on our centos box to trace refused connections? Are there any logs I can look into?

    UPDATE:
    Make that three independent servers. It turns out Paypal cannot send Instant Payment Notices as well. All three services are trying to call separate pages on our server.
    We've used Paypal Sandbox to repeat the error and now we can continously test it. We tested this on other websites. Paypal sends a http request as follows: 

    Content-Type: application/x-www-form-urlencoded  
Content-Length: 699

    Unfortunately our server does not receive this http request. We tried this on another server behind the same netscaler. It does not receive the http request as well.
    I think the netscaler is blocking the connection for some reason.

    Why would the netscaler block this connection? What should I look into?

    UPDATE-2:
    Any http request without "user-agent" info seems to be blocked at the netscaler level.

    • cjc
      cjc over 12 years
      Well, the first place to look would be the various web server (and app) logs, to see if there's anything going on. If you can get the IP addresses of the remote servers, that will help you search. Also, look at "netstat -a" output for anything weird.
    • Haluk
      Haluk over 12 years
      This turned out to be a netscaler problem. The hosting company fixed the netscaler and now all is fine.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What prevents a machine from responding to pings?
blocking port 80 via iptables
iptables blocking from internet side on eth1?
IPtables string match for some URLs
What does an empty iptables mean?
Problems with multicasts in "iptables"
FirewallD is not running in CentOS Linux 7.1.1503
Plesk 11 Set firewall rules manually
Can not open ports in iptables on CentOS 5?
Why firewalld doesn't apply my drop rule?