Solved

Windows 2000 Server - IIS 5.0 - Intermittent DNS error

Posted on 2004-10-11
14
361 Views
Last Modified: 2012-05-05
I am hosting an ecommerce site withe the following internal setup:

OS: Windows 2000 Advanced Server (sp 4)
Web Server: IIS 5.0
DB: SQL Server 2000
Router: Windwos RRAS
DHCP Server:  Windows DHCP Server
DNS Server: Windows DNS Server
Internet Connection:  Cox.net High Speed (4 down / 768 up)
Anitvirus:  Norton (latest)
Firewall: ZoneAlarm 5.1.1 (latest)

I have several static ip's configured and each hosting different websites.  
I switched to a higher level of isp service recently and ever since i am experiencing intermittent dns errors when hitting my main website.  It seems to get worse over time.  Typically, an IIS reboot will cure the problem temporarily (1 - 2 hours).  In addition, connections to the server through remote desktop are intermittent.  The connection will go through sometimes and then disconnect or at times I can't connect at all.  This setup worked very well for about a year.  Since I've upgraded internet service, upgraded Norton anti-virus and upgraded ZA Pro, I've been having this problem.  I've check w/ Cox and after running test they say everything is fine.  It seems to be an internal configuration issue.  My site is frequently down and I'm losing money so this is urgent to me.  Thanks in advance for any help.
0
Comment
Question by:koneal
  • 5
  • 4
  • 2
  • +1
14 Comments
 
LVL 6

Expert Comment

by:Ferrosti
ID: 12277310
Could you please provide more information about your routing settings and firewalling!
Without IP addresses and subnetting it´s hard to tell what is going on.

What happens if you switch off ZA and reboot without restarting ZA automatically?

Regards, Ferrosti
0
 
LVL 12

Accepted Solution

by:
Mazaraat earned 100 total points
ID: 12278328
I would HIGHLY recommend seperating your firewall and web hosting server.  Get even a cheap dsl/cable router(that supports multiple public IPs) and remove the ZA, they are usually less than $100.  This would seperate your server and the internet and allow you to troubleshoot connection issues, you could then tell if its an internet connection or server issue by trying to connect to it from another pc on the same lan.
0
 

Author Comment

by:koneal
ID: 12278381
I appreciate the recommendation, Mazaraat.  Can you recommend a router that can handle multiple static ip's?   I attempted that w/ a Linksys router (wrt54gs) after calling the company and being told that it could handle it.  After purchasing the router and not being able to configure I was told that it couldn't handle multiple static ip's.  
0
 

Author Comment

by:koneal
ID: 12278513
Ferrosti, I rebooted w/o ZA and then turned it on.  The only difference was that a connection through remote desktop was much better initially but then bogged down to where the connection would only last for short periods.

I'll attempt to provide the router configuration:

1 network adapter connected to the internet
- ip:  several static ip's configured
- subnet mask:   255.255.255.0
- gateway:  isp's gateway

1 network adapter connected to the lan
- ip:  Reserved internal (192.168.0.1)
- subnet mask:  255.255.255.0
- gateway: none
0
 

Author Comment

by:koneal
ID: 12278530
Oh, firewall settings:

2 zones:  1 trusted - lan, 1 internet - internet connection
open ports:  80, 443, 25, 110, 1433, 3389
0
 

Author Comment

by:koneal
ID: 12278604
This same configuration has worked fine for about a year.  If it's not the isp, it seems it's an internal dns configuration issue (host names, bad dns records, etc.).  I don't know much about this stuff so if anyone has advice on how to troubleshoot, this is probably a good place to start.  The dns server is configured w/ no forward/reverse lookup zones - just a caching server.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 2

Assisted Solution

by:bigmanjer
bigmanjer earned 100 total points
ID: 12280881
check to make sure your event logs aren't getting exceedingly large.  if you can afford it, limit the max size of the logs so you can free up disk space.  also, if your RAM is questionably low, adding more will almost always increase performance, especially when it comes to IIS.

- Jer
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12284552
You can get the SMC 7004vbr (about $40). It allows up to 10 computers with Public IPs on the DMZ.  I know there was another manufacturer but I can't remember the name...cisco and 3com both make one but they are both over $200 if I remember right.
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12284578
Oops misposted sry =)
0
 

Author Comment

by:koneal
ID: 12286872
I have resolved the problem.  It seems that there was a conflict with ZA Pro.  By uninstalling ZA Pro and using packet filtering instead, the problem was resolved.  I would like to award some points to both Mazaraat and bigmanjer for 1) helping and for 2) providing valuable advice.  I will move my router off of the web server as recommended by Mazaraat and I'm not totally convinced that it wasn't a memory problem (I am fairly low on memory).  Perhaps removing ZA Pro (and a few other things DNS service)  freed up enough memory to resolve the problem.  Please advise on if I can award say 100 pts each instead of the total 500.  Thx.
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12309662
Thats fine by me, I'm glad the problem was solved and that I could provide some help =)

Here is a good pdf on securing/hardening windows:
http://www.systemexperts.com/tutors/HardenW2K101.pdf

Good Luck!
0
 
LVL 2

Expert Comment

by:bigmanjer
ID: 12310922
koneal -

Thanks!  Post a message to Community Support - http://experts-exchange.com/Community_Support - stating the question URL and how you'd like to split up points.

- Jer
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now