ColdFusion 9 on Win2k8R2 64bit no more connectivity

Has anyone ever run into an issue where their server consumes all tcpip connections?  Basically, when our server ramps up during the day cfmx is no longer to make any out bound connections to our database our mailserver.  If I open IE on the box I can't get an external webpage to come up.  THe only way I can solve the issue is to reboot the box.  Is this ringing any bells for anyone? Thanks in advance.... - Alex

How do u know its cf using all connections? You can use netstat to get a better idea whats going on Type netstat /? For more details Regards Russ Michaels On Jul 24, 2012 9:54 PM, "Alex DeMarco" <Alex.DeMarco@suny.edu> wrote: ----- Excess quoted text cut - see Original Post for more -----

What version of windows? Standard, web, enterpsirse? Is this a hosted server? Dedicated, VM? Any issues with servers one the same switch?  Is there an outbound firewall?  If so, what brand /model? What type of internet connectivity? And yes, if you can post the netstat results that will help.  Also a tracert from the server as well during this event. I take it if you can login and do stuff on the server this isn't a cpu issue. Byron Mann Lead Engineer and Architect Hostmysite.com On Jul 24, 2012 4:54 PM, "Alex DeMarco" <Alex.DeMarco@suny.edu> wrote: ----- Excess quoted text cut - see Original Post for more -----

What version of windows? Standard Is this a hosted server? No in house server(s), dedicated Both of our web servers are behind a F5BigIP device and then behind a set of ASA 5540s What type of internet connectivity?  Multiple T-1's No Cpu or mem spike when the issue is occurring. When the issue is happening I can rdp in but can't get to anything outside of the box, telnet, ping, web, ssh. Unfortunately I've had to fall back to our older IIS 6 boxes so I do not have a current netstat to show you.  There were a lot of TIME_WAIT's When the issue was happening and I run this netstat -n | find ":" /c the number hits around 3000, but fluctuates.  It's like connections are not being released fast enough. This is my first usage of 2k8 with IIS7.5 is there tweaking to the IP stack that is need for iis 7.5? Thanks for replying.. - Alex What version of windows? Standard, web, enterpsirse? Is this a hosted server? Dedicated, VM? Any issues with servers one the same switch?  Is there an outbound firewall?  If so, what brand /model? What type of internet connectivity? And yes, if you can post the netstat results that will help.  Also a tracert from the server as well during this event. I take it if you can login and do stuff on the server this isn't a cpu issue. Byron Mann Lead Engineer and Architect Hostmysite.com On Jul 24, 2012 4:54 PM, "Alex DeMarco" <Alex.DeMarco@suny.edu> wrote: > > Has anyone ever run into an issue where their server consumes all > tcpip connections?  Basically, when our server ramps up during the day > cfmx is no longer to make any out bound connections to our database our mailserver. ----- Excess quoted text cut - see Original Post for more -----

A tracert to an external IP is going to tell you where things are stopping. 3000 connections doesn't really sound all that high.  Even with ones lingering. But I would ask do you know what those 300 connections are? Any possibility the machine is compromised, and something like a bot is saturating the network connection. The most strange part is you can RDP while this is occurring.  If limitations are being hit then I doubt you'd be able to RDP in. Is there more than one NIC?  If you are RDP'ing via an internal NIC, which by-passes the firewall and an external NIC exists, then I can see you being able to RDP in, but not get out on through an external NIC if it's being saturated somehow, or the firewall is hitting a session limit. ~Byron ----- Excess quoted text cut - see Original Post for more -----

I working to create a load test on the server to try and reproduce the issue.  I have 6 of them all exhibit the same issue.  I am pretty certain they are not compromised.  I already had an established RDP connectoin when the issue was going on, but will test that if I can reproduce the issue.  Getting a repoduceable scenario is key..  I'll post again once I get that to happen.  There are 2 nic's both bound to the same network. thanks for the feedback - Alex ________________________________ Sent: Wed 7/25/2012 5:58 PM To: cf-talk Subject: Re: CF9 on Win2k8R2 64bit no more connectivity A tracert to an external IP is going to tell you where things are stopping. 3000 connections doesn't really sound all that high.  Even with ones lingering. But I would ask do you know what those 300 connections are? Any possibility the machine is compromised, and something like a bot is saturating the network connection. The most strange part is you can RDP while this is occurring.  If limitations are being hit then I doubt you'd be able to RDP in. Is there more than one NIC?  If you are RDP'ing via an internal NIC, which by-passes the firewall and an external NIC exists, then I can see you being able to RDP in, but not get out on through an external NIC if it's being saturated somehow, or the firewall is hitting a session limit. ~Byron ----- Excess quoted text cut - see Original Post for more -----

when this happens can you even ping any external domains, sound like it may be a dns issue. On Thu, Jul 26, 2012 at 1:56 AM, DeMarco, Alex <Alex.DeMarco@suny.edu>wrote: ----- Excess quoted text cut - see Original Post for more -----