rstuemke

Windows 2008 Server Networking Problem

Hello,

Recently, after a boot, our new Win 2008 Server started acting very strange... here is a list of the symptoms I have tracked down so far:  (Fails from any other server or PC on the LAN)

1) Cannot ping this server from any other server or PC on the LAN.  All on subnet 172.16.1.x
2) Cannot "NET VIEW \\SERVERNAME"  Returns path not found.  
3) Cannot access server thru Remote Desktop Control software
4) Cannot open any network shares on the server.  Cannot find them.

BTW this is a win 2008 domain controller in a win 2003 environment

I have tried numerous things, all without success:
Remove DNS server from this DC
Removed all software updates installed since problem started last week
Stop/Started various services
Tried secondary NIC
(This is a Dell PowerEdge 2900 server.)
Had Exchange 2007 installed, but not using it.  Removed it.

Examined output from DCDIAG, IPCONFIG, NETDIAG, with no clear indication of problem.
Have been working for days on this problem and am at my wit's end.
It just stopped working last Thursday after a boot.

NOW HERE IS THE STRANGE THING....have 2 other Windows 2008 Servers, one running Exchange 2007 and one not.  The Exchange 2007 server has not been updated in any way.  This server continues to work correctly.  
The other 2008 server, not running Exchange, has the same problems listed above.

Both servers that are now experiencing this problem,  have been installed and working for weeks without issue.  Both were promoted to DCs about a week before the problems began.
They just quit working after a boot last week and yesterday for the one.
The one running Exchange 2007 has no problems.  It is NOT a DC.

I NEED HELP!!!  PLEASE!!

Brian

Have you checked to see if the firewall is turned on?

Brian
zelron22

Are the three servers all on the same switch?  What messages are you getting when you try to ping them?  Timed out, destination host unreachable?  Are you pinging by name or by IP?
Tried turning off IPv6 and deleting the IPv6 entry in hosts? Had a similar problem and doing that did the trick. Also added the IPv4 FQDN of itself in the hosts file.
rstuemke

ASKER

All 3 are in various stages of preparation, prior to being put into production.  Currently all 3 are on the same switch, which I also replaced this morning, to no avail.

Firewall turned on thru Group Policy....has been on since joining servers to domain.

Pings getting time outs.
Net View getting network path not found.

Also forgot to mention that File Replication Services is getting a lot of 13508 replication failures, without the corresponding 13509 events.  So replication is also part of the picture.

Will look into IPv6.
I think MKBean meant if the firewall was on, try turning it off.
That is exactly what I want rstuemke to try.

Brian
Disabled (unchecked) TCP6 for network adapter and added registry DWORD to disable tunnel interfaces.  Added entry to HOST file and deleted its IPv6 entry.

Firewall is turned on thru Group Policy and is enabled when the server joined the domain.  Have changed FW settings so as to give notification whenever it blocks something.  No messages.

Still not working.  Rebooted server.  Nope.....
OK, I stopped the Firewall Service on the server.  

Still not working.  Everything still the same (failures).

Wonder if I should demote the DC to a file server?
Are you pinging by name or IP?  Do you currently have an AD-aware DNS server running?  Do you have any other DCs, or just the two 2008 boxes?
I am pinging by IP address.  Have 4 other 2003 domain controllers.  All of these are AD/DNS servers.
The 3-2008 servers were DNS servers, 2 were DC, one is not.  One of the two has had DNS removed.  It is the one having the problem.  Removed DNS server as part of the ongoing effort to isolate problem.  Thinking of demoting one from DC to file server tomorrow...to see what happens.
Can the server ping itself?  You may have a corrupt TCP/IP stack.
ASKER CERTIFIED SOLUTION
zelron22

This solution is only available to members.
Can ping itself with no problem.  Net View \\itself   works fine.  It's just from other PCs or servers.

Will try suggestion about switch.   All switches in the server room are new and were just replaced within the last couple of months.  More in a bit.
If it was ARP cache corruption, wouldn't I be seeing the same symptoms on a variety of machines, instead of just 2 servers?  Have numerous PCs, 3 - 2003 servers and another 2008 server on the same switch as the 2 - 2008 servers having this problem, and none of these others are having any problem.  These are the only 2 - 2008 domain controllers, which makes me suspicious about them in that sense.
NEW INFORMATION

I tried to demote the one server from a DC to a file server.  The demotion failed with the following error:
THE RPC SERVER IS UNAVAILABLE

Had seen this on something else earlier and checked the RPC services running, at that time, and they were ok.  STOPPED/STARTED RPC services, but has not fixed problem.  Restart does not fix problem.
Something is broken here......not sure what.
ANY IDEAS?????
One other thing,  the server is showing a WINDOWS ACTIVATION Error.  Have not been able to follow this one to source yet.
Is it an OEM or boxed license and have you activated it?

I have seen a problem where an ARP entry for a server got corrupt and was stuck in a netgear switch.  Everything could communicate except to that server.  I had to pull apart all the connections to the different switches I had, and add them one by one until I could find the offending device.  Power cycling the offending device didn't fix it, I replaced it.

If your switches are managed then you should be able to view the ARP cache and perhaps even flush the offending (or all) entries.
HELP!!!!!!

This morning I removed the DC from AD, since I could not demote it.  Then did a full reload of Windows 2008 Server to the one server.  Came up and let it assign its own IP address.  Tried to ping it from other PCs and Servers and STILL GETTING TIMEOUTS.  Disabled and uninstalled the 2 NICS, but still not working.  Swapped the LAN cable to a different NIC, SAME PROBLEM.

UPDATE
Modified local FW settings prior to rejoining domain.  Standalone box.....could then ping it!!!  YEAH!
Joined the domain (using a different machine name), which has group policy FW settings and could not ping any more.  BOO!
Modified the domain GP FW settings to open up same ports opened on local FW but did not seem to make any difference.  Made the GP FW settings prior to rejoining domain.

So, not sure if a domain problem or a FW problem.
Domain FW Settings allow:
  File and Printer Sharing
  Remote Administration
  Remote Desktop
  Program and Port Exceptions

NET VIEW \\servername now works
Seems PING is all that is failing now.
ICMP is probably blocked by the firewall since you haven't explicitly allowed it.  That is why PING is failing but others are working.

How did you remove the server from AD?  If you just deleted the computer account, then you need to use NTDSUTIL to remove the leftover metadata.

Personally, I turn off the firewalls on internal machines and use firewall appliances between them and the Internet.  They cause too many problems unless you really manage the ports.  You may find for instance, that your antivirus isn't getting updated unless you've opened those ports.
Yes, ICMP was blocked.

I have one server up and running now and am rebuilding it.  Thanks so much for your help.
Thanks For Assistance.  Things much better now.
Was FW problem
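
The firewall checks this thread converged on, as an added example that is not part of the original posts: confirm which profile is active, see which GPOs apply, list the inbound ICMPv4 rules, then allow only echo requests from the LAN instead of turning the firewall off. The rule name `Allow-ICMPv4-Echo-LAN` and the `172.16.1.0/24` scope (inferred from "172.16.1.x") are assumptions, and the parsing assumes English `netsh` output.

```powershell
# Added diagnostic example; run from an elevated PowerShell prompt on the affected server.
# netsh advfirewall is available on Windows Server 2008 and later.

# 1. Which firewall profile is in effect? After a domain join this is normally "Domain",
#    so exceptions made while the box was standalone no longer apply.
netsh advfirewall show currentprofile

# 2. Which GPOs apply to this computer? Firewall settings delivered by Group Policy
#    take precedence over what was configured locally.
gpresult /r /scope computer

# 3. Summarise locally defined inbound ICMPv4 rules. netsh prints one "Field: value"
#    line per property and ends each rule with "Action:", so collect fields until then.
$rule = @{}
netsh advfirewall firewall show rule name=all dir=in | ForEach-Object {
    if ($_ -match '^(Rule Name|Enabled|Profiles|Protocol|Action):\s+(.*)$') {
        $rule[$matches[1]] = $matches[2]
    }
    if ($_ -match '^Action:' -and $rule['Protocol'] -eq 'ICMPv4') {
        '{0} | enabled={1} | profiles={2} | action={3}' -f `
            $rule['Rule Name'], $rule['Enabled'], $rule['Profiles'], $rule['Action']
    }
}

# 4. Allow inbound echo request (ICMPv4 type 8) only, only in the domain profile,
#    only from the local subnet. The protocol argument is quoted because PowerShell
#    would otherwise treat the comma as an array separator.
netsh advfirewall firewall add rule name=Allow-ICMPv4-Echo-LAN dir=in action=allow `
    'protocol=icmpv4:8,any' profile=domain remoteip=172.16.1.0/24

# 5. Re-run step 3 to confirm the rule is listed as enabled, then ping from another host.
```

If the ping still times out after step 4, the domain GPO is the place to add the exception: the Windows Firewall domain profile policy has an "Allow ICMP exceptions" setting with an inbound echo request option alongside the four exceptions listed in the thread.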