Solved

NAT excruciatingly slow

Posted on 2002-07-17
Last Modified: 2012-05-04
I have a Windows 2000 server attached to a cable modem on one NIC and another computer (via DLink switch) on another NIC.  NAT is configured and works, however it is so slow that the web browser on the client machine often times out.  This is from all web pages, not any one in particular.  Web from the server is the normal fast speed and the CPU load is almost non-existent while there is plenty of free physical RAM.

Any idea what setting(s) on the server or client can be twiggled to increase performance?
Question by:magarity
13 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 7159940
1) Check all your event logs on the server and client.

2) Check the DNS settings and gateways.

3) Check the NIC bindings on the server. Remove any unused protocols etc.

I hope this helps !
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 7159965
Also check the proxy settings - remove/disable the auto option.

If you are using ICS, this can also slow things down.

Update the NIC drivers on the server also.

A cheap 4 port router with NAT is only about $50 if you watch the sales.

I hope this helps !
0
 
LVL 13

Author Comment

by:magarity
ID: 7160138
"1) Check all your event logs on the server and client."

In the server's event log:

"Unable to add the interface Internal with the Router Manager for the IP protocol. The following error occurred: The parameter is incorrect."

I think this might be the problem.  What the heck is it whining about here and any idea how to fix it?

"2) Check the DNS settings and gateways."

These are correct as far as I can tell.

"3) Check the NIC bindings on the server. remove any unused protocols etc."

Ah, already did that.  Only TCPIP is installed.  Client for Windows Networking is installed only on the two internal NICs so I can share files.

"If you are using ICS, this can also slow things down"

Nope, NAT instead of ICS.  ICS doesn't work because of the goofy way MSN DSL is set up.

"A cheap 4 port router with NAT  is only about $50 if you watch the sales."

I'm not going to use a cheap NAT router if someone gives it to me.  This project was assembled as part of studying for MCSE, so some plug and play widget is less than useless.  Unfortunately, my study guides aren't covering this slowdown symptom.

Thanks so far, any ideas about that server log?
0
 
LVL 13

Author Comment

by:magarity
ID: 7160186
Ping from client to DSL modem (via server) returns a TTL of 254.  Ping from client to server returns a TTL of 128.  Where did the extra 126 hops come from?  Am I reading this correctly?
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 7161072
No, TTL is time to live, not the # of hops.
Use tracert to check the # of hops.
0
 
LVL 13

Author Comment

by:magarity
ID: 7161122
I'm pretty sure TTL refers to hops when ping uses it.

One other strange thing, nslookup on the client says there are no DNS servers.  But it resolves names anyway.
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 7161139
Are you running ISA ? If so then disable it for now, or set up the LAT tables if needed.

Try to check the event errors at eventid.com and the MS site.

I hope this helps !

0
 
LVL 17

Accepted Solution

by:mikecr (earned 200 total points)
ID: 7161857
Here is some helpful information that will get you fixed up.

http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q299801

http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q310357

Also, make sure that you add a static route in RRAS on the server for the default route to the internet. Pick your external lan card from the drop down box and fill in the information.

Destination 0.0.0.0
network mask 0.0.0.0
gateway or next hop address "10.1.1.1"
metric 1
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 7162189
The TTL on pings is set by the local device and can be configured. If a ping starts out with a TTL of 254 then it can make 254 hops before it dies. Some unix boxes use 128, some use 64, W2K uses 254 . . . the TTL gets decremented by 1 for each hop that it makes.

By the way, how do you know NAT is working? If you can't get a web page back . . . that sounds broken to me.

Not all DNSs are configured to respond to nslookup commands.

Steve
0
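The TTL readings discussed in this thread can be turned into hop counts with a small parser. The following is an added example, not part of any post above: it assumes the sender started from one of the commonly used initial TTL values (64, 128 or 255), and the addresses and ping lines are constructed sample data.

```python
import re

# Initial TTL values commonly used by IP stacks (assumption of this example).
COMMON_INITIAL_TTLS = (64, 128, 255)

# Matches the source address and TTL field of a Windows-style ping reply line.
REPLY_RE = re.compile(r"Reply from (?P<src>[\d.]+):.*\bTTL=(?P<ttl>\d+)", re.I)

# Constructed sample output modelled on the two pings described in the thread:
# 192.168.0.1 stands in for the server, 10.1.1.1 for the device behind it.
SAMPLE = """\
Reply from 192.168.0.1: bytes=32 time<10ms TTL=128
Reply from 10.1.1.1: bytes=32 time=12ms TTL=254
Request timed out.
Reply from 10.1.1.1: bytes=32 time=11ms TTL=254
"""

def infer_hops(observed_ttl):
    """Return (assumed_initial_ttl, router_hops) for one observed TTL."""
    if not 1 <= observed_ttl <= 255:
        raise ValueError("TTL must be in 1..255")
    # Heuristic: the sender used the smallest common initial value that is
    # not below what arrived; each router on the path subtracted 1.
    initial = min(t for t in COMMON_INITIAL_TTLS if t >= observed_ttl)
    return initial, initial - observed_ttl

def summarize(ping_output):
    """Map each replying address to {observed TTL: (initial, hops)}."""
    result = {}
    for line in ping_output.splitlines():
        m = REPLY_RE.search(line)
        if not m:
            continue  # timeouts and header lines carry no TTL
        ttl = int(m.group("ttl"))
        result.setdefault(m.group("src"), {})[ttl] = infer_hops(ttl)
    return result

if __name__ == "__main__":
    for src, ttls in summarize(SAMPLE).items():
        for ttl, (initial, hops) in sorted(ttls.items()):
            print(f"{src}: TTL={ttl} -> started at {initial}, {hops} router hop(s)")
```

More than one TTL recorded for the same address means replies took different paths or came from different devices, which is worth checking with tracert.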
 
LVL 13

Author Comment

by:magarity
ID: 7162355
mikecr,
Thanks for those links, info there helped.  I hadn't known about the checkbox for name resolution in the NAT properties.  That seems to have helped.

I tried adding the static link but that caused it to stop working.  I take it the 10.1.1.1 IP was supposed to be the IP of the DSL modem, yes?  What about the 0.0.0.0 numbers?  Leave those as-is?  I left them and put in the DSL IP and the client didn't get anything.
0
 
LVL 17

Expert Comment

by:mikecr
ID: 7162671
The DSL modem doesn't get an IP address, I'm just assuming, your machine gets an IP address. So look at the gateway that gets provided in your IP configuration and use it as your next hop or gateway when you configure your default route. The 10.1.1.1 would represent your next hop out which would be the gateway provided by the DHCP that your machine gets. This way all traffic hitting the box will be routed out onto the internet by default if it has no other specific route in the routing table for it.

0.0.0.0 0.0.0.0 10.1.1.1 will be your default route, where 10.1.1.1 is the gateway or next hop according to your IP configuration.
0
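How the 0.0.0.0 / 0.0.0.0 entry behaves next to more specific routes, and why its next hop has to be a gateway the server can actually reach, is shown in this added example (not part of the thread). The internal subnet, the external subnet and the interface names are assumptions; 10.1.1.1 is the thread's placeholder gateway.

```python
import ipaddress

# Constructed table for the NAT server. 10.1.1.1 is the thread's example
# gateway; the subnets and interface names are assumptions.
ROUTES = [
    # destination, mask, next hop (None = directly connected), interface, metric
    ("0.0.0.0",     "0.0.0.0",       "10.1.1.1", "External", 1),
    ("10.1.1.0",    "255.255.255.0", None,       "External", 1),
    ("192.168.0.0", "255.255.255.0", None,       "Internal", 1),
]

def build_table(routes):
    """Convert destination/mask strings into network objects."""
    return [(ipaddress.ip_network(f"{dest}/{mask}"), gw, iface, metric)
            for dest, mask, gw, iface, metric in routes]

def lookup(table, destination):
    """Return the route used for destination: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return None  # no default route: nothing matches, the packet is dropped
    return min(matches, key=lambda r: (-r[0].prefixlen, r[3]))

def unreachable_gateways(table):
    """List routes whose next hop is not in a connected network on the same interface."""
    connected = [(net, iface) for net, gw, iface, _ in table if gw is None]
    bad = []
    for net, gw, iface, _ in table:
        if gw is None:
            continue
        on_link = any(ipaddress.ip_address(gw) in c_net and c_if == iface
                      for c_net, c_if in connected)
        if not on_link:
            bad.append((str(net), gw, iface))
    return bad

if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("192.168.0.25", "10.1.1.77", "198.51.100.10"):
        net, gw, iface, _ = lookup(table, dst)
        print(f"{dst:15} -> {net} via {gw or 'on-link'} ({iface})")
    print("unreachable gateways:", unreachable_gateways(table))
```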
 
LVL 17

Expert Comment

by:mikecr
ID: 7162674
Oh, if I'm repeating myself I apologize, just make sure that you use the server's internal IP address as the default gateway for any clients that you have on the network wishing to get to the internet.
0
 
LVL 13

Author Comment

by:magarity
ID: 7374090
Whups, just noticed this question still open...  I don't recall the fix anymore but since I left a note here that the links from mikecr were helpful, I'll award the answer to that comment.
0
