If local Dovecot stops working, check lo
Hi all,
You probably know this already, but just in case...
Let's say you have your email client getting mail from a Dovecot server on the same computer (which is a really good way of doing things, by the way). Then one day your email client starts saying "connection refused" after a suitably long timeout. So then, to find out where things are getting stuck, you do the following command:
openssl s_client -connect 127.0.0.1:993 -quiet
And you don't even get an OK back. This means it's not your username or password, because you never even got that far. Before spending a lot of time doing diagnostic tests and narrowing it to the root cause, try this as root:
ifdown lo ifup lo
A malfunctioning lo will cause Dovecot not to connect to clients. My experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
HTH,
SteveT
Steve Litt * http://www.troubleshooters.com/ Troubleshooting Training * Human Performance
Am 12.07.2014 13:31, schrieb Steve Litt:
ifdown lo ifup lo
A malfunctioning lo will cause Dovecot not to connect to clients. My experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens
uhm if you *loopback device* goes down your machine has a serious problem - within 15 years Linux expierience i never faced a broken "lo" device and i guess the same for 99.9999% of all admins
On 07/12/2014 01:41 PM, Reindl Harald wrote:
Am 12.07.2014 13:31, schrieb Steve Litt:
A malfunctioning lo will cause Dovecot not to connect to clients. My experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens
uhm if you *loopback device* goes down your machine has a serious problem - within 15 years Linux expierience i never faced a broken "lo" device and i guess the same for 99.9999% of all admins
While I *am* part of those 99+%, I would like to point out that there *also* is a lot of stuff that is perfectly normal for run-of-the-mill network interfaces, but likely has never been tried by said 99+ with lo, either. In particular, the following possibilities come to my mind:
- Flaky IPv6 support (which wouldn't affect "127.0.0.1" directly, but might cause frequent changes of lo to add/remove/repeat ::1)
- New interface naming schemes (I note that while eth0 starts to appear under all sorts of fancy names, nonempty iptables rules still routinely do a "-i lo -j ACCEPT" name reference in filter/INPUT)
- Taking ntpd's 127.127.x.y pseudo-IPs for clocks a tad too literally
To sum it up - I think that you *do* want to try and nail a root cause there.
Regards, J. Bern
*NEU* - NEC IT-Infrastruktur-Produkte im http://www.linworks-shop.de/: Server--Storage--Virtualisierung--Management SW--Passion for Performance Jochen Bern, Systemingenieur --- LINworks GmbH http://www.LINworks.de/ Postfach 100121, 64201 Darmstadt | Robert-Koch-Str. 9, 64331 Weiterstadt PGP (1024D/4096g) FP = D18B 41B1 16C0 11BA 7F8C DCF7 E1D5 FAF4 444E 1C27 Tel. +49 6151 9067-231, Zentr. -0, Fax -299 - Amtsg. Darmstadt HRB 85202 Unternehmenssitz Weiterstadt, Geschäftsführer Metin Dogan, Oliver Michel
On 7/12/14, Steve Litt slitt@troubleshooters.com wrote:
experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
Use a better operating system then, I've used at work and home, suse, opensuse, rhel, centos, slackware and fedora, and never in my all my years of linux (I've used it since I was 14 and am mid twenties now) has loopback ever *gone away* unless i deliberately made it so.
On 14.7.2014 00:24, Nick Edwards wrote:
On 7/12/14, Steve Litt slitt@troubleshooters.com wrote:
experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
Use a better operating system then
Blaming operating system after *one* person reports something strange about it seems a bit overboard, doesn't it...?
On 7/14/14, Jiri Bourek bourek@thinline.cz wrote:
On 14.7.2014 00:24, Nick Edwards wrote:
On 7/12/14, Steve Litt slitt@troubleshooters.com wrote:
experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
Use a better operating system then
Blaming operating system after *one* person reports something strange about it seems a bit overboard, doesn't it...?
debian has a long history of being clueless: old packages in new releases, untested packages in releases (mailscanner did not, and was never going to, work out of thebox in a recent release)
debian has history of thinking it knows better than upstream: openssl screwup they told debian was wrong but debian released it anyway causing grief for not only debian systems but all systems including windows that used certs generated on a debi\an server.
and dont get me started on debians release/ftp manager and the personal biases there either, shall I go? I can but it would be a bore for most.
On 15.7.2014 11:13, Nick Edwards wrote:
On 7/14/14, Jiri Bourek bourek@thinline.cz wrote:
On 14.7.2014 00:24, Nick Edwards wrote:
On 7/12/14, Steve Litt slitt@troubleshooters.com wrote:
experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
Use a better operating system then
Blaming operating system after *one* person reports something strange about it seems a bit overboard, doesn't it...?
debian has a long history of being clueless: old packages in new releases, untested packages in releases (mailscanner did not, and was never going to, work out of thebox in a recent release)
As most Linux distributions, Debian is a collective work done mostly by volunteers. If you want newer versions and tested packages, feel free to help them.
And honestly, the situation about untested and old packages isn't as grim as you're trying to say.
debian has history of thinking it knows better than upstream: openssl screwup they told debian was wrong but debian released it anyway causing grief for not only debian systems but all systems including windows that used certs generated on a debi\an server.
AFAIK it was actually the other way around. Debian maintainers asked on openssl-dev list if their change is ok and were told that it is.
and dont get me started on debians release/ftp manager and the personal biases there either, shall I go? I can but it would be a bore for most.
As far as I am concerned, there's no need to be more OT than we are now.
Also please stop sending me personal messages, I am on the list.
On 7/15/14, Jiri Bourek bourek@thinline.cz wrote:
On 15.7.2014 11:13, Nick Edwards wrote:
On 7/14/14, Jiri Bourek bourek@thinline.cz wrote:
On 14.7.2014 00:24, Nick Edwards wrote:
On 7/12/14, Steve Litt slitt@troubleshooters.com wrote:
experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
Use a better operating system then
Blaming operating system after *one* person reports something strange about it seems a bit overboard, doesn't it...?
debian has a long history of being clueless: old packages in new releases, untested packages in releases (mailscanner did not, and was never going to, work out of thebox in a recent release)
As most Linux distributions, Debian is a collective work done mostly by volunteers. If you want newer versions and tested packages, feel free to help them.
Why would I do that when I'm happy using other systems, and one thing I hate about debian users is, they are all so shit scared of using the source if they want latest versions they wont use them unless someone creates a deb package, FFS, they call themselves sys admins
And honestly, the situation about untested and old packages isn't as grim as you're trying to say.
not from the bitches i hear daily on other lists, including one I am one of the developers of.
debian has history of thinking it knows better than upstream: openssl screwup they told debian was wrong but debian released it anyway causing grief for not only debian systems but all systems including windows that used certs generated on a debi\an server.
AFAIK it was actually the other way around. Debian maintainers asked on openssl-dev list if their change is ok and were told that it is.
not from my recollection. unless they were told by a normal user, which is why -dev lists should only be populated by devs and not public.
and dont get me started on debians release/ftp manager and the personal biases there either, shall I go? I can but it would be a bore for most.
As far as I am concerned, there's no need to be more OT than we are now.
Also please stop sending me personal messages, I am on the list.
pffft blame gmail, I could not be bothered checking the headers each time i click reply
Nick Edwards nick.z.edwards@gmail.com wrote:
On 7/12/14, Steve Litt slitt@troubleshooters.com wrote:
experience with Debian Wheezy is that lo "goes down" a lot, so this is one of the first things I do when odd stuff happens.
Use a better operating system then, I've used at work and home, suse, opensuse, rhel, centos, slackware and fedora, and never in my all my years of linux (I've used it since I was 14 and am mid twenties now) has loopback ever *gone away* unless i deliberately made it so.
And the same goes for Debian.
I have never in the last 16 years "lost" a loopback device out of the blue.
If your lo "goes down" a lot, then there is something suspicious at foot and this need to be investigated. This is not normal Debian behavior.
Grüße, Sven.
-- Sigmentation fault. Core dumped.
participants (6)
-
Jiri Bourek
-
Jochen Bern
-
Nick Edwards
-
Reindl Harald
-
Steve Litt
-
Sven Hartge