jjrrww
asked on
Apparent DNS problem causing large delays and forcing page refresh from browser
SBS 2003 Standard, SP1
Proliant ML350 G3 server
We have 10 clients in a SBS 2003 domain
All clients receive DHCP address and DNS services from the SBS 2003 server.
T1 <-> Router <-> LAN w/ SBS2003 and 10 clients
Client machines will frequently get very slow response or timeouts from a web browser. The whole page may fail to load, or images within the page may timeout. Several refreshes may be needed before the page is displayed.
I have been attacking this problem for weeks, slowly eliminating everything possible. We have pulled out or swapped the router and the switch, I have entirely removed the Antivirus program (Bitdefender) with no change.
I *SWEAR* this only exhibits during daytime working hours, but the load on the LAN is very low.
I then pulled one client out of the domain, assigned it a static IP, and pointed DNS to the ISPs servers.
Today - performance is once again abyssmal, but this ONE client is performing fine.
My attention is now to DNS on my server. I can now compare clients in and out of the domain.
I have Ethereal setup to capture any data that might be useful.
DNS logging is on.
Proliant ML350 G3 server
We have 10 clients in a SBS 2003 domain
All clients receive DHCP address and DNS services from the SBS 2003 server.
T1 <-> Router <-> LAN w/ SBS2003 and 10 clients
Client machines will frequently get very slow response or timeouts from a web browser. The whole page may fail to load, or images within the page may timeout. Several refreshes may be needed before the page is displayed.
I have been attacking this problem for weeks, slowly eliminating everything possible. We have pulled out or swapped the router and the switch, I have entirely removed the Antivirus program (Bitdefender) with no change.
I *SWEAR* this only exhibits during daytime working hours, but the load on the LAN is very low.
I then pulled one client out of the domain, assigned it a static IP, and pointed DNS to the ISPs servers.
Today - performance is once again abyssmal, but this ONE client is performing fine.
My attention is now to DNS on my server. I can now compare clients in and out of the domain.
I have Ethereal setup to capture any data that might be useful.
DNS logging is on.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The "One" client was a test - it points directly to the ISP's DNS servers and is totally out of the domain. I deliberately removed the DC from the equation for that machine to see if that was the source of the slowdown.
I tried something yesterday that seems to have worked, but it's at odds with most advice. I REMOVED the forwarders, letting the Root Hints take the load. It was like the dam burst - everything is snappy now. They've gone 36 hours with no symptoms.
One explanation would be that the ISP's DNS servers are just overloaded (during the day, which is when I see the issue) and my DNS server times out waiting for a response. Still, the "one" client goes to those same servers, and has performed reasonably, as far as we can tell (remember - this is subjective, since the problem is not persistent - it comes and goes)
If the ISP's DNS servers are the culprit, what sort of tracks would that leave? How can I tell?
Currently, "waiting to see if it bogs down again" is the test plan. Ugh.
Does this scenario make sense? Even if it does, the thing that has made me crazy is the lack of evidence as to the problem. I really want to know how to diagnose this. Guessing is lousy methodology (although quite time-honored, I'll grant)
I will definitely be prowling through ALL of your links to get more information.