All Products
Search
Document Center

Quick troubleshooting for websites running on ECS instances

Last Updated: Sep 21, 2020

Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.

 

Overview

If you cannot open the website, search for the error message before troubleshooting port 80 and the Web service status. This topic provides a quick troubleshooting method. For more information about the troubleshooting process, seeCannot access the website on ECS.

 

Description

This topic describes how to troubleshoot website access failures running in Linux and Windows.

 

Unable to access the website running on a Linux instance

Take CentOS 7 as an example.

 

Troubleshoot port 80 unavailability

  1. Run the following command to check whether TCP port 80 is listened.
    netstat -an | grep 80
    The command output is as follows. If any of the following results is returned, the Web service on TCP port 80 is started.
    Tcp 0 0.0.0.0: 80 0.0.0.0: * LISTEN # LISTEN to the whole network
    Tcp 0 0 127.0.0.1: 80 0.0.0.0: * LISTEN # Local listening
    Note: If the local 127.0.0.1 listener is used, Web services cannot be accessed through the Internet. You need to change it to a global listener.
  2. If no exception is detected in step 1, perform the following operations.
    1. Check whether the instance security group allows port 80. For more information, seeAdd security group rules.
    2. Check whether the instance iptables allows port 80.
    3. Use the telnet and traceroute commands to track the connection to port 80. For more information, seeDescription of port availability test when the Ping succeeds but the port fails.
  3. Check whether the ECS bandwidth is sufficient. For more information, seeQuery and analysis of Windows instance system loads.

 

Troubleshoot Web service unavailability

Log on to the ECS instance of the Liunx system. For more information, seeConnect to a Linux instance by using a management Terminal.

  1. View Web service logs.
  2. UseTopCommand to view the running status of the instance and check whether any abnormal processes exist.
  3. View the instance monitoring information in the console to check whether the instance bandwidth is sufficient. If not, upgrade the instance bandwidth.
  4. Check whether the CPU and memory of the instance are insufficient. For more information, seeTroubleshooting for high CPU usage in Elastic Compute Service Linux.
  5. Check whether there are too many TCP connections on port 80 of the instance.
  6. Run the following command to count the number of TCP connections.
    netstat -anp |grep tcp |wc -l
  7. Comparison/Etc/sysctl. confIn the configuration fileNet. ipv4.tcp _ max_tw_bucketsThe maximum value of the parameter. If the limit is exceeded, perform the following operations.
    1. RunVi/etc/sysctl. confCommand to edit the file and queryNet. ipv4.tcp _ max_tw_bucketsParameter. If the connection usage is high and it is easy to exceed the limit, addNet. ipv4.tcp _ max_tw_bucketsThe size of the parameter value.
    2. RunSysctl-pCommand to make the configuration take effect.

 

Unable to access websites running on Windows instances

Take Windows Server 2008 as an example.

 

Troubleshoot port 80 unavailability

  1. Run the following command to check whether TCP port 80 is listened.
    netstat -ano | findstr :80
    The command output is as follows. If any of the following results is returned, the Web service on TCP port 80 is started.
    TCP 0.0.0.0: 80 0.0.0.0: 0 LISTENING 1172 # indicates network-wide LISTENING
    TCP 127.0.0.1: 80 0.0.0.0: 0 LISTENING 1172 # indicates local LISTENING.
    Note: If the local listener fails to access Web services from the Internet, only the local instance can access Web services. Run the following command to change the local listener to the global listener.
    netsh http delete iplisten ipaddress= 127.0.0.1:80
  2. If no exception is detected in step 1, perform the following operations.
    1. Check whether the instance security group allows port 80. For more information, seeAdd security group rules.
    2. Check whether the instance firewall allows port 80. For more information, seeWindows Firewall limits access to ports, IP addresses, and applications and provides exceptional configurations..
    3. Use the telnet and tracert commands to track the connection to port 80. For more information, seeDescription of port availability test when the Ping succeeds but the port fails.
  3. Check whether the ECS bandwidth is sufficient. For more information, seeTroubleshoot when the bandwidth and CPU usage of Windows instances are full or high.

 

Troubleshoot Web service unavailability

  1. You must use a Windows-based ECS instance.
  2. View Web service logs. For example, the IIS service log path for Windows Server 2008 is "% SystemDrive % \ inetpub \ logs \ LogFiles \ W3SVC4 ".
  3. Use the Task Manager to view the running status of the instance and check whether any abnormal processes exist.
  4. View the instance monitoring information in the console to check whether the instance bandwidth is sufficient. If not, upgrade the instance bandwidth.
  5. Check whether the CPU and memory of the instance are exhausted. SeeTroubleshoot when the bandwidth and CPU usage of Windows instances are full or high.
  6. Follow these steps to check whether there are too many TCP connections on port 80 of the instance.
    1. Run the following commands in sequence to count the number of TCP connections.
      netstat -n |find /i "time_wait" /c
      netstat -n |find /i "close_wait" /c
      netstat -n |find /i "established" /c
    2. When the number of TCP connections is too high, follow these steps to adjust TcpTimedWaitDelay to 30 s, with the default value of 4 minutes (240 s ).
      1. OpenCMD, RunRegeditCommand.
      2. SelectHKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > TCPIP > Parameters, Set as follows.
        • If the TcpTimedWaitDelay parameter does not exist, perform the following operations.
          1. Right-clickParameter > Create a DWORD (32-bit) value.
          2. Enter TcpTimedWaitDelay and press enter to confirm.
        • If the TcpTimedWaitDelay parameter exists, right-clickTcpTimedWaitDelayAnd clickModify, SelectDecimalEnter the value 30 and clickOK.

 

Reference

There are many factors and symptoms that may cause website access exceptions. For more information, seeAbnormal access to the ECS instance.

 

Application scope

  • ECS