# # Debugging Host Connection Limit Reached on Kerio Control
APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Debugging Host Connection Limit Reached on Kerio Control

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.



Some material is very old and may be incorrect today

© May 2019 Anthony Lawrence

Anonymous asks:

How can I figure out why I am getting Host Connection Limit Reached problems? This is my mailserver - I've already checked its logs and nothing unusual is going on.

The dreaded Hosted Connection Limit Reached

I wish Kerio Control would dump a log of all connections when it hits this limit - maybe they will someday, but for now this isn't all that hard to find, assuming the cause is on-going or at least frequent.

If you right-click in the debug log, you can dump packets from or to any address. For example, your problem seems to be with your 210.10.10.198 host. To see what it is doing, use this Packet Dump expression:

addr=210.10.10.198
 

Sometimes you may want to do more. In your case, that 210.10.10.198 is your mailserver, so something like this might be more appropriate:

addr=210.10.10.198 & port !=443 & port !=993 & port != 25
 

That filters out the stuff you already know isn't a problem.

Just keep adding "& port !=" until you've eliminated all expected and normal traffic. What's left will likely be your problem. If the traffic is bursty or sporadic, you may need to leave this on for a while to catch them in the act.

In this case, it turned out to be an attack on port 80 by a machine in Turkey. There was no reason to have port 80 open outside anyway, so we blocked that and added the attacker's IP to a block list.

The 8.6 release of Control will have the ability to distinguish between peers and hosts, allowing you to set separate values for a single peer and for all connections with all peers. By default, each host is assigned a limit of 100 connections with a single peer, and 600 connections for all peers.

See also Kerio Control Connection Limit Reached Alert


If you found something useful today, please consider a small donation.



Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> Debugging Host Connection Limit Reached on Kerio Control


Inexpensive and informative Apple related e-books:

Take Control of High Sierra

Take Control of IOS 11

Take Control of the Mac Command Line with Terminal, Second Edition

Take Control of Apple Mail, Third Edition

Take control of Apple TV, Second Edition





More Articles by © Anthony Lawrence





Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





There are two major products that came out of Berkeley: LSD and UNIX. We do not believe this to be a coincidence. (Jeremy S. Anderson)




Linux posts

Troubleshooting posts


This post tagged:

Control

Forum

Kerio

Kerio Info

Kerio Pricing

Kerio RSS Feed

Security

Troubleshooting



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode