Colin Jack wrote; Tuesday, March 17, 2009 7:55 AM
>> > * The FTP server is operating normally.
>> >
>> > Seeing this about four or five times in 24 hours.
>>
>> We have yet to witness this on any server and we run service-level
>> monitoring on every one of our hosting boxes at 5 minute intervals.
>>
>> This sort of smells DNS'y to me with the off/on-again nature that you're
>> describing. You're not running DNS lookups on your FTP, are you? How
>> is your DNS recursion doing? Does /var/log/messages show anything odd
>> w/ regard to proftpd?
>>
>> --
>> Chris Gebhardt wrote;
>
> These servers have been rock solid for years (apart from the BO one) ...
> not running anything like DNS lookups.
> Absolutely nothing has changed other than the yum update which updated
> ProFTPD.
> The servers are colocoed at two different data centres.
>
> Nope nothing untoward in the logs.
Look at /usr/sausalito/swatch/bin/am_ftp.exp
And try to run the telnet commands manually and see if you get errors.
telnet localhost 21
Then expect response;
"Connected to"
Then expect response;
"220 "
Then send;
QUIT or quit
Then expect response;
"221 "
This should all work.
Then execute;
swatch | cat /var/log/messages | grep cced | grep ftp
We have found that several servers we configured and updated give 'Active
Monitor' errors, but FTP is actually working.
It may be a timeout issue. Strangely, the Stongbolt servers did not have
this issue.
Gerald