LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   what will be the reason (https://www.linuxquestions.org/questions/linux-software-2/what-will-be-the-reason-351438/)

digitalj 08-09-2005 04:57 AM
unexpected shutdown ! what will be the reason
 
one linux server is down automatically
messages showing

Aug 5 09:01:56 server01 kernel: GEN-DUMP: IN=eth0 OUT= MAC=00:c0:9f:38:23:de:00:d0:02:76:c8:00:08:00 SRC=xx.xx.xx.xx DST=xx.xx.xx.xx LEN=55 TOS=0x00 PREC=0x00 TTL=60 ID=43424 DF PROTO=UDP SPT=53 DPT=59583 LEN=35

what will be the reason ?

Half_Elf 08-09-2005 01:50 PM
this line tell you xx.xx.xx.xx (SRC) is trying to talk to xx.xx.xx.xx(DST) from port 53 (DNS) to port 59583 (unassigned port).
Your computer is probably running a DNS server and this line show us that your server is answering to a client request.

I doubt this has something to do about crashing.

sundialsvcs 08-09-2005 04:00 PM
I do not quite understand what it is that you say your computer did.

Did the machine "just shut down, normally, all by itself, with no one asking it to do so?"

Did it "crash?" "Hang?" "Die?"

Did it "stop responding to the network, but the console is still okay?

What ...

digitalj 08-09-2005 11:40 PM
Yes ! system shut down itself.

more messages .. plz suggest what is this

Aug 09 04:07:11 server01 kernel: GEN-DUMP: IN=eth0 OUT= MAC=00:c0:9f:38:23:de:00:d0:02:76:c8:00:08:00 SRC=xx.xx.xx.xx DST=xx.xx.xx.xx LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=62553 DF PROTO=TCP SPT=3310 DPT=25 WINDOW=65535 RES=0x00 SYN URGP=0

Half_Elf 08-10-2005 07:05 AM
As I said _earlier_ those message have nothing to do about the crash.

This tell us your computer is trying to talk to a SMTP (mail) server... I dont see how this could have something to do with the crash.

digitalj 08-11-2005 06:24 AM
hi Guys !!
this is a line from /var/log/messages

Aug 5 09:01:56 server01 kernel: GEN-DUMP: IN=eth0 OUT= MAC=00:c0:9f:38:23:de:00:d0:02:76:c8:00:08:00 SRC=xx.xx.xx.xx DST=xx.xx.xx.xx LEN=55 TOS=0x00 PREC=0x00 TTL=60 ID=43424 DF PROTO=UDP SPT=53 DPT=59583 LEN=35


Quote:
MAC=00:c0:9f:38:23:de:00:d0:02:76:c8:00:08:00
is this a MAC addr of source or destination , generally MAC having 6 field, if it is a combination of source and destination MAC , then why 4 more values are there ?
any comment or suggestion ?

Half_Elf 08-11-2005 09:09 AM
No clue, but it's just the usual, there is always a useless "00" field at the end of end MAC adress in kernel log I believe.

Anyways, as I told you earlier, your firewall logs (because THESE are firewall log) have NOTHING to do about crash. All these logs are quite useless if you are trying to find the cause of a crash.


All times are GMT -5. The time now is 06:05 PM.