Background
We experienced a big outage yesterday.
Cisco patches were applied, the big VMWare boxes came back up, NetApp Storage were restarted, database servers brought online, Application & Web Servers rounded up the corner mile.
Internet Information Server ( IIS) Web Server
But not so fast with the IIS Web Servers in our QA environment.
Core Services
The Web Server is running on Windows 2014.
And, the core IIS related Windows Services on that OS are:
-
IIS Admin Services
-
Activation
-
World Wide Web Publishing Service (W3svc)
And, for each Web Site the corresponding “Application Pool”.
Repeatedly restarted the Services in the sequence listed below:
Components Stop
-
IIS Admin Manager
-
Control Panel / Services Applet
-
World Wide Web Publishing Services ( W3SVC )
-
Windows Process Activation Service ( WAS )
-
IIS Admin Services ( IISAdmin )
Components Start
-
Control Panel / Services Applet
-
IIS Admin Services ( IISAdmin )
-
Windows Process Activation Service ( WAS )
-
World Wide Web Publishing Services ( W3SVC )
-
IIS Admin Manager
But, upon launching a browser and accessing the web site locally on the box itself, no smoke.
TroubleShooting
Event Viewer
Countless episode with Event Viewer yielded no redemptive clue.
Event Log – System
| Event ID |
Level |
Source |
Details |
| 6038 |
Warning |
LSA (LsaSrv) |
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
NTLM is a weaker authentication mechanism. Please check:
Which applications are using NTLM authentication?
Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
If NTLM must be supported, is Extended Protection configured?
Details on how to complete these checks can be found at http://go.microsoft.com/fwlink/?LinkId=225699. |
| 5010 |
Warning |
WAS |
A process serving application pool ‘DefaultAppPool’ failed to respond to a ping. The process id was ‘###’. |
| 10149 |
Warning |
Windows Remote Management |
The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener |
|
Event Log – Application
| Event ID |
Level |
Source |
Details |
| 1309 |
Warning |
ASP.NET 4.0.30319.0 |
Process name: w3wp.exe
Account name: IIS APPPOOL\DefaultAppPoolException information:
Exception type: ConfigurationErrorsException
Exception message: Could not load file or assembly ‘Glimpse.AspNet’ or one of its dependencies. The system cannot find the file specified.Request information:
Request URL: http://qa.labng.org/signalr/reconnect?transport=longPolling&messageId=d-28CDBFFE-B,0|H,0|D,0|I,2&clientProtocol=1.4&connectionToken=isY0EAjbK7jdhS1Qj5lcKypIwZQshf1+UAPdV51M0q95Qe8PFjjlKd0whzr5zPitd9CJSongw3H5j3aGRK/m3VxRaHKxyKo2ZQKVFqqKvntLq5ir3WYBTRB5+VUlFwiw6auAYi1ztgxt8WTcj4Acx/56CDA=&connectionData=[{“name”:”messagehub”}]&tid=2&_=1496330342362
Request path: /signalr/reconnectThread account name: IIS APPPOOL\DefaultAppPoolThread information:Stack trace: at System.Web.Configuration.ConfigUtil.GetType(String typeName, String propertyName, ConfigurationElement configElement, XmlNode node, Boolean checkAptcaBit, Boolean ignoreCase)
at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) |
| 1309 |
Warning |
ASP.NET 4.0.30319.0 |
Process information:
Process name: w3wp.exe
Account name: IIS APPPOOL\DefaultAppPool. Cannot open database “HRDB” requested by the login. The login failed.
Login failed for user ‘LADBDOMAIN\IIS01$’.
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, at System.Data.SqlClient.SqlConnection.Open()
at Hangfire.SqlServer.SqlServerStorage.CreateAndOpenConnection()
at Hangfire.SqlServer.SqlServerStorage..ctor(String nameOrConnectionString, SqlServerStorageOptions options)
at Hangfire.SqlServerStorageExtensions.UseSqlServerStorage(IGlobalConfiguration configuration, String nameOrConnectionString, SqlServerStorageOptions options)
at HRDBv2.Startup.Configuration(IAppBuilder app)Thread information:
Thread account name: IIS APPPOOL\DefaultAppPool
Is impersonating: False
Stack trace: at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) |
| 1076 |
Information |
ASP.NET 4.0.30319.0 |
State server starts listening with 24 listeners |
|
Networking
Internet Explorer
Knowing that we had problems with the Network earlier took to the Net and tried to access external hosts on the Net. No problem.
Network Diagnostic Tools
Knowing that this computer is not playing with me, finally took to the command line, knowing that I might as well get bruised up and have something to show the judge, so that she might as well call it even.
netstat
Netstat to the rescue. By a wide margin, netstat is my favorite command line network diagnostic tool.
netstat – SYN_SENT
From command line, issued “netstat –an | find “SYN_SENT” “.
thankfully, came back positive
Seeing that we have SYN_SENT to port 1433, I sensed that we have a SQL Server Connectivity issue.
By default SQL Server runs on Port 1433. But what host.
IP Address Resolution
I am really stuck here.
Yes, I know IPV4, but IPV6.
That is way after my time.
ping -6 -a
Back to the command line, issued “ping -6 -a <IPV6 Address>”
100% lost
No help!
pathping -6
Issued “pathping -6 <IPV6 Address>”
Thankfully, got back the hostname.
And, it is in fact the Hostname to our SQL Server.
References
- Microsoft
- > IIS Windows Process Activation Service (WAS) > IIS Protocol Adapter > IIS Protocol Adapter Availability
- Event ID 5138 — IIS Protocol Adapter Availability
Link
- blogs.msdn.microsoft.com
- Benjamin Perkins, MSFT
- Troubleshooting badly behaving IIS application pools-adapter-availability-technet-id-51
Link
- outsystems.com
- Pedro Gonçalves
- Application Pool shutdown due to IIS Protocol Adapter Availability (Technet ID 5138)
Link
- StackOverflow.com
- IIS: Web Application hangs periodically needs system reboot
Link
- ServerFault.com
- iis 7 stopping a listener channel
Answered By: Adam Brand
Link
- Vision One IT Consulting
- Derek Brown
- IIS errors when running 32-bit application pools on SBS 2008
Link
- Faizal K.Mohamed
- IIS error log code (sc-status and sc-substatus)
Link
Heard
ServerFault.com
iis 7 stopping a listener channel
Link
Sumrak, Asked
iis 7 stopping a listener channel
Adam Brand, Answer
IIS pings a worker process periodically (by default, every 30 seconds) to make sure it is still responsive. It is possible that your worker process is too busy to respond to the ping, so IIS tries to terminate it. When IIS tries to terminate the process, it fails, because the process is still hanging on to areas of memory.
Go into IIS, click Application Pools, then right-click on your app pool and choose Advanced Settings. Under the Process Model heading, choose False next to Ping Enabled and see if that fixes the issue. Another option is to increase the Ping Maximum Response Time.
As for whether or not this signals a larger problem, I would say yes, it does. It doesn’t seem appropriate for that type of code to execute synchronously. You might want to consider passing the task off to a Windows service that will do an async callback, or investigate IIS’s async model (System.Threading). How to do that would probably be a better question for stackoverflow.
Dedicated
Thank you to pathping.
Dedicated to Microsoft/Networking.
Please read more :
- Wikipedia
PathPing is a network utility supplied in Windows NT and beyond that combines the functionality of ping with that of tracert.
It provides details of the path between two hosts and Ping-like statistics for each node in the path based on samples taken over a time period, depending on how many nodes are between the start and end host.
The advantages of PathPing over ping and traceroute are that each node is pinged as the result of a single command, and that the behavior of nodes is studied over an extended time period, rather than the default ping sample of four messages or default traceroute single route trace. The disadvantage is that it takes a total of 25 seconds per hop to show the ping statistics.
Link
- Windows 2000 TCP/IP > TCP/IP Troubleshooting > Overview of TCP/IP Troubleshooting Tools > Pathping
The PathPing tool is a route tracing tool that combines features of Ping and Tracert with additional information that neither of those tools provides. PathPing sends packets to each router on the way to a final destination over a period of time, and then computes results based on the packets returned from each hop. Since PathPing shows the degree of packet loss at any given router or link, you can pinpoint which routers or links might be causing network problems. A number of switches are available
Link
Summary
Lost my mind @ 11:30 PM.
Just because the IP Address was an IPV6.
Commuted over to the SQL Server box, noticed the SQL Server Instance was stopped, restarted it.
Now I can get on that last train!
