Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

Windows 2000 Server - IIS 5.0 - Intermittent DNS error

I am hosting an ecommerce site withe the following internal setup:

OS: Windows 2000 Advanced Server (sp 4)
Web Server: IIS 5.0
DB: SQL Server 2000
Router: Windwos RRAS
DHCP Server:  Windows DHCP Server
DNS Server: Windows DNS Server
Internet Connection:  Cox.net High Speed (4 down / 768 up)
Anitvirus:  Norton (latest)
Firewall: ZoneAlarm 5.1.1 (latest)

I have several static ip's configured and each hosting different websites.  
I switched to a higher level of isp service recently and ever since i am experiencing intermittent dns errors when hitting my main website.  It seems to get worse over time.  Typically, an IIS reboot will cure the problem temporarily (1 - 2 hours).  In addition, connections to the server through remote desktop are intermittent.  The connection will go through sometimes and then disconnect or at times I can't connect at all.  This setup worked very well for about a year.  Since I've upgraded internet service, upgraded Norton anti-virus and upgraded ZA Pro, I've been having this problem.  I've check w/ Cox and after running test they say everything is fine.  It seems to be an internal configuration issue.  My site is frequently down and I'm losing money so this is urgent to me.  Thanks in advance for any help.
0
koneal
Asked:
koneal
  • 5
  • 4
  • 2
  • +1
2 Solutions
 
FerrostiCommented:
Could you please provide more information about your routing settings and firewalling!
Without IP addresses and subnetting it´s hard to tell what is going on.

What happens if you switch off ZA and reboot without restarting ZA automatically?

Regards, Ferrosti
0
 
MazaraatCommented:
I would HIGHLY recommend seperating your firewall and web hosting server.  Get even a cheap dsl/cable router(that supports multiple public IPs) and remove the ZA, they are usually less than $100.  This would seperate your server and the internet and allow you to troubleshoot connection issues, you could then tell if its an internet connection or server issue by trying to connect to it from another pc on the same lan.
0
 
konealAuthor Commented:
I appreciate the recommendation, Mazaraat.  Can you recommend a router that can handle multiple static ip's?   I attempted that w/ a Linksys router (wrt54gs) after calling the company and being told that it could handle it.  After purchasing the router and not being able to configure I was told that it couldn't handle multiple static ip's.  
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
konealAuthor Commented:
Ferrosti, I rebooted w/o ZA and then turned it on.  The only difference was that a connection through remote desktop was much better initially but then bogged down to where the connection would only last for short periods.

I'll attempt to provide the router configuration:

1 network adapter connected to the internet
- ip:  several static ip's configured
- subnet mask:   255.255.255.0
- gateway:  isp's gateway

1 network adapter connected to the lan
- ip:  Reserved internal (192.168.0.1)
- subnet mask:  255.255.255.0
- gateway: none
0
 
konealAuthor Commented:
Oh, firewall settings:

2 zones:  1 trusted - lan, 1 internet - internet connection
open ports:  80, 443, 25, 110, 1433, 3389
0
 
konealAuthor Commented:
This same configuration has worked fine for about a year.  If it's not the isp, it seems it's an internal dns configuration issue (host names, bad dns records, etc.).  I don't know much about this stuff so if anyone has advice on how to troubleshoot, this is probably a good place to start.  The dns server is configured w/ no forward/reverse lookup zones - just a caching server.
0
 
bigmanjerCommented:
check to make sure your event logs aren't getting exceedingly large.  if you can afford it, limit the max size of the logs so you can free up disk space.  also, if your RAM is questionably low, adding more will almost always increase performance, especially when it comes to IIS.

- Jer
0
 
MazaraatCommented:
You can get the SMC 7004vbr (about $40). It allows up to 10 computers with Public IPs on the DMZ.  I know there was another manufacturer but I can't remember the name...cisco and 3com both make one but they are both over $200 if I remember right.
0
 
MazaraatCommented:
Oops misposted sry =)
0
 
konealAuthor Commented:
I have resolved the problem.  It seems that there was a conflict with ZA Pro.  By uninstalling ZA Pro and using packet filtering instead, the problem was resolved.  I would like to award some points to both Mazaraat and bigmanjer for 1) helping and for 2) providing valuable advice.  I will move my router off of the web server as recommended by Mazaraat and I'm not totally convinced that it wasn't a memory problem (I am fairly low on memory).  Perhaps removing ZA Pro (and a few other things DNS service)  freed up enough memory to resolve the problem.  Please advise on if I can award say 100 pts each instead of the total 500.  Thx.
0
 
MazaraatCommented:
Thats fine by me, I'm glad the problem was solved and that I could provide some help =)

Here is a good pdf on securing/hardening windows:
http://www.systemexperts.com/tutors/HardenW2K101.pdf

Good Luck!
0
 
bigmanjerCommented:
koneal -

Thanks!  Post a message to Community Support - http://experts-exchange.com/Community_Support - stating the question URL and how you'd like to split up points.

- Jer
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now