Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

slow response rates on port 25

Hi,

We are running a HA XG310 cluster, on version SFOS 17.5.9 MR-9. Using the XG also for mail filtering, but have had some issues with it:

Sometimes (very irreguar) XG replies slow (to *VERY* slow) to connections on port 25. We have even had a weekend during which basically no email came through at all. And the strangest thing: it 'just starts working again'. No changes before, no changes after. Very frustrating.

Sophos supported looked at it as it was happening, and were clueless. So did our reseller, and no one can explain this.

So, I wrote a little script to monitor the speed of the initial reply to a connection to XG port 25, and report any response time slower than ten seconds. Generally, we never hear from the script, meaning everything is fine, but on febr 3, it happened again: response times all the way up to 128 seconds. I guess that slow basically means: a timeout, and a new delivery attempt will be done later.

The system is NOT buzy, generally healthy, and no one can explain this.

Our question is: WHY is this happening, and is it caused by our specific config, or something in the sophos cloud. And to find out that, I would like to ask:

Are there people here (and the more the better) willing to also run the little script, and report your finding back in this thread?

Keep in mind: You'd have to keep running the script for perhaps months, as the slowness is only there occasionally. It can work perfectly for many weeks in a row. But hopefully, if we experience this slowness at the same time, we can point to the sophos cloud, otherwise the only possible conclusion is that it is specific to our setup.

Make sure to edit the alert email address and the XG ip address.

#!/bin/bash

# smtp port should be 25, for testing notifications, you could try on port 26
port=25
initial_delay=0
alert_email="email@domain.com"

# initiate connection to smtp port on XG
/bin/nc -v -z 1.2.3.4 $port &
pid=$!

response=0
# initial_delay is the delay to be considered 'normal', so first wait:
sleep $initial_delay

# now wait and check if the nc process is still waiting for answer from XG
while kill -0 $pid >/dev/null 2>&1
do
    echo $response
    sleep 1
    let response=response+1
done

let response=response+$initial_delay

# check final result, and send email when neccesary result is more than 10 seconds
if [ "$response" -ge 9 ]; then
    # send notification email
    echo "Response-time around $response seconds on port $port" | mail -s "SMTP responding too slow ( response_time=$response ) on XG" $alert_email
fi

# to always log to syslog, uncomment this line
# logger "SMTP responding test script ( response_time=$response ) on XG"

We saved the script as /usr/local/sbin/smtp and defined this cronjob:

* * * * * /usr/local/sbin/smtp > /dev/null 2>&1

Really curious if there are people here willing to run this. :-)



This thread was automatically locked due to age.