Connection refused after 15 to 30 minutes, sometimes an hour
I have 4 Linux OEL 5.3 boxes. 2 production, 2 test. I connect to them through VPN. The programs I access the servers from are a cygwin xterm window - ssh or sftp or Oracle Applications EBusiness.
I can connect to any of the servers with out issue as many times as I want within the first 15 to 30 minutes after connecting to the VPN. After 15 to 30 minutes, sometimes an hour, but rarely that long, I can still connect fine to my test instances, but I get a connection refused message trying to open a new connection to Production. This also causes my Oracle Applications session to end. I do not have a problem with the xterm windows I have connected at the start of my session. I can also ssh to one or any of the servers from one of my open connections, but I cannot get a new one.
The network engineers say that it must be a setting on my servers. There is no reason it would let me on one box as opposed to the others.
To get any type of new session to production I have to disconnect my VPN connection and establish a new one. This really only affects my Web session on Apps. I have learned to live with the other.
Is there a Linux setting that would send something randomly to the VPN to tell it to cut me off? What can I possibly look at? The boxes are configured exactly the same except a couple of settings.
The following settings are commented on the Prod boxes but not on the Test boxes.
/etc/security/limits.conf
* hard nofile 65535
* soft nofile 4096
* hard nproc 16384
* soft nproc 2047
The following settings are on production, but not on test:
/etc/resolv.conf
options attempts:5
options timeout:15
I see the following message in the messages log on the production boxes if I add portmapper:ALL to the /etc/hosts.deny file, but not on the test boxes. The # are actual numbers but masked for this thread.
connect from ##.#.###.### to callit(ypserv): request from unauthorized host
This is so frustrating. Aside from asking their network admin to put my test boxes on the same subnet as the prod boxes to see if it exibits the same behavior, I'm at a loss.
Oh, yea, one weekend a few weeks ago my connection stayed open all weekend and I thought the issue was resolved. Come Monday morning I was back to connection refused after an hour. It appears lately it's back down to 15 minutes.
This all appeared to happen after the VPN asked me to download a new client. At that time I not only could not establish a new connection, but the connections I had were disconnected. It's better now, as I no longer lose the session I have established, but still a mystery why I cannot establish a new session from my desktop after 30 minutes. (yes, the time varies and is not consistent, it was 12 minutes a few minutes ago, and over an hour a few minutes before that).
The VPN is a a webpage vpn called Aventail version 10.0.2.38
Last edited by lmu9@yahoo.com; 12-16-2009 at 05:00 PM.
Reason: additional details.
|