Response Timeout from DMZ to green

mumpitz · 20 August 2023 16:31

Hello,

I have a DMZ set up with a Raspi providing an XMPP server called Openfire.
The admin console is a webinterface on port 9090 and 9091, also ssh on port 22 is reachable.
But from time to time when I am in the webinterface I get timeout messages from browser. This lasts sometimes shorter sometimes longer until it works again. During this time I can’t connect to ssh either, but if I’m already connected it continues to work.
What I noticed is that the Ipfire in the time also can not make whois requests.

Does anyone have an idea what this could be?
The Raspy is not overloaded, firewall rules do not bring any changes, because the connections work, but after a while then always these timeouts

jon · 20 August 2023 17:04

Is this running on the ipfire box? I am guessing not.

Is this the ipfire web interface? Again I am assuming you are referring to the openfire.

Assuming the ipfire box is not overloaded, this is probably a better question for the folks at Openfire.

(sorry - lots of assumptions on my part)

mumpitz · 20 August 2023 17:30

Openfire on Raspy in DMZ

No the webinterface from Openfire in DMZ

But why can ipfire not reach whois in the time of timeouts? This happens at the same time.
And my ipfire is also not overloaded.

bonnietwin · 20 August 2023 17:57

What do the logs in ipfire and openfire say.

Can you run openfire with a debug or verbose setting so more info is shown in the logs.

mumpitz · 23 August 2023 06:40

I found the problem, it was a firewall rule in windows set by a VPN client… And the whois problem with ipfire was DNS related like a few months ago where unbound has a hiccup