From owner-freebsd-questions@FreeBSD.ORG Sat Mar 19 22:40:23 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 601B6106566B for ; Sat, 19 Mar 2011 22:40:23 +0000 (UTC) (envelope-from LConrad@Go2France.com) Received: from mgw1.MEIway.com (mgw1.meiway.com [81.255.84.75]) by mx1.freebsd.org (Postfix) with ESMTP id 29A688FC08 for ; Sat, 19 Mar 2011 22:40:22 +0000 (UTC) Received: from VirusGate.MEIway.com (virusgate.meiway.com [81.255.84.76]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id 0539647184B for ; Sat, 19 Mar 2011 23:40:25 +0100 (CET) Received: from mail.Go2France.com (ms1.meiway.com [81.255.84.73]) by VirusGate.MEIway.com (Postfix) with ESMTP id 914923865B4 for ; Sat, 19 Mar 2011 23:40:25 +0100 (CET) (envelope-from LConrad@Go2France.com) Received: from W500.Go2France.com [72.48.240.99] by mail.Go2France.com with ESMTP (SMTPD32-7.07) id A0D21693009E; Sat, 19 Mar 2011 23:40:18 +0100 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Sat, 19 Mar 2011 17:40:13 -0500 To: freebsd-questions@freebsd.org From: Len Conrad Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Message-Id: <201103192340697.SM06140@W500.Go2France.com> Subject: tcp/ip failures with fbsd 8.2 386 on ESX 4.1 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Mar 2011 22:40:23 -0000 FreeBSD 8.2 32-bit ESXi 4.1 em0 driver to the ESXi Intel emulation syslog-ng 2.0.10 em0: flags=8943 metric 0 mtu 1500 options=9b ether 00:50:56:90:00:01 inet a.b.c.85 netmask 0xffffffe0 broadcast a.b.c.95 media: Ethernet autoselect (1000baseT ) status: active We've be running FreeBSD 7.x for a couple of years on ESXi 4.0 and 4.1 with no problems. We're having tcp/ip failures with 8.2 as syslog-ng server. trafshow shows aggregate port 514 traffic hitting peaks of about 25K char/sec. After sometimes many hours of the syslog-ng VM server running well, monit from other machines signals port 514 is down, up, down, up. this is confirmed by other machines with nmap a.b.c.d -p 514 -sU ... showing closed, open, closed, etc. syslog-ng logging for all syslog clients stops more or less simultaneously. trafshow filtered for port 514 shows udp packets arriving, but instead of showing the source and destinations by PTR domain name, it switches to showing their IPs. to test the external DNS, on the syslog-ng VM, we try dig @recursive.server -x a.b.c.d and get no response. Other machines query the recursive server successfully. Without rebooting the FreeBSD VM, we do /etc/rc.d/netif restart /etc/rc.d/routing restart which allows full operation. dmesg and messages show no errors. Suggestions? Len