GnuTLS errors and lots of failed transfers

[jerrac]

I'm getting lots of GnuTLS errors when uploading files via FileZilla. It seems to slow it down.

It's not blocking uploads, just forcing FileZilla to retry some of them.

The errors look something like:

Status:	Resolving address of hostname
Status:	Connecting to ipaddress:21...
Status:	Connection established, waiting for welcome message...
Response:	220 ProFTPD 1.3.4c Server (ProFTPD) [ipaddress]
Command:	AUTH TLS
Response:	234 AUTH TLS successful
Status:	Initializing TLS...
Error:	GnuTLS error -12: A TLS fatal alert has been received.
Error:	Could not connect to server
Status:	Delaying connection for 5 seconds due to previously failed connection attempt...

Now, I'm on the same LAN as the data center, so it actually uploads really fast. But I'm uploading thousands of files. So it uploads a bunch of files really fast, then stalls for a few seconds, the goes through a bunch, and stalls, and so on. Could the sheer number of connections be causing ProFTPd to have issues?

FileZilla shows a LOT of failed transfers. The reason column shows "Could not start transfer" or "Disconnected from server".

Plesk 11.5 is running on Ubuntu 12.04.

Plesk is set to "Allow only secure FTPS connections" in the security settings.

FileZilla is configured to "Require explicit FTP over TLS".

And I've forced it to use Active transfer mode. When I let it try passive or automatically choose, it isn't able to list the directory contents. Is that normal?


I'd like to clear up the errors, and make sure transfers seldom fail before I let other people use this server. So any help doing so would be appreciated.

 

[IgorG]

Do you use FileZilla on WindowsXP? I heard that mentioned problem may occurs in that particular case.
It seems this issue related to FileZilla - http://trac.filezilla-project.org/ticket/5577

 

[jerrac]

Nope. My desktop is on Ubuntu 12.04 as well.

The bug you linked doesn't sound anything like what I'm encountering. They seem to be having issues with NATing. I'm on an internal network, going from my computer to the DMZ the Plesk server is on. It does go through the firewall, but no NAT is involved. Also, the logs posted there look nothing like what Filezilla is giving me.

Are there any log files on the Plesk side that would help? I didn't see any ProFTPd specific logs in /var/log.

auth.log does have a bunch of lines like:
Nov 19 19:35:26 pleskhostname proftpd: pam_unix(proftpd:session): session opened for user ftpusername by (uid=0)
Nov 19 19:35:26 pleskhostname proftpd[31538]: plesk.server.ip.x (local.client.ip.x[local.client.ip.x]) - USER ftpusername: Login successful.
Nov 19 19:35:26 pleskhostname proftpd: pam_unix(proftpd:session): session closed for user ftpusername
Nov 19 19:35:26 pleskhostname proftpd: pam_listfile(proftpd:auth): Couldn't open /etc/ftpusers

showing up when I'm uploading.

Any other places I can look for clues as to what's really going on?

 

[jerrac]

So, I just tried my upload from a server within the DMZ (it happened to have a gui and filezilla installed...). I configured it exactly the same, and it works perfectly. No GNUTLS errors. It is on Ubuntu 11.10, but I think the fact that it's in the same DMZ is more likely to be the problem.

 

[jerrac]

Never mind. Only reason I was using FTPS was because I couldn't get chrooted sftp to work. I just found http://forum.parallels.com/showthre...ed-not-working&p=708115&viewfull=1#post708115 and it works now. So I'm happy.

If someone has similar issues, I was going to try opening a passive port range on the firewall. I got the clue from http://forums.cpanel.net/f5/ftp-error-over-explicit-tls-ssl-158497.html#post787791 But I have no idea if that would fix it, and I'm not likely to try anytime soon.