[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 328
  • Last Modified:

limited access or no access to web DNS??

VERY VERY strange one here.  One ISP  Time Warner Telecom.  Two T-1 Lines.  Out of their data port they hand off to me.  I have a Zyxel Zywall 2 router in place.  I setup so that the public  x.x.x.2 goes to the 2000 server and the public x.x.x.3 goes to the 2003 server.  These two different servers server two different networks with two different companies.  Both servers are running exchange and DNS.  The public x.x.x.4 address resolves to the workstations on the internet.  From the router output to a switch and then to the servers and workstations

With that said we have problems with any yahoo website.  Finance.yahoo.com , travel.yahoo.com, movies.yahoo.com and sports.yahoo.com.  Any of those are just so slow it takes five minutes to finally load and then it doesn't load pictures.  What is very strange is that before about 9:00 AM it is smoking fast without problems and then it goes to nothing.  Sometimes it is fast but there isn't any consistent pattern except that it is slow and frustrating.

Time Warner tells me we have a DNS problem.  Both 2000 and 2003 DNS servers forward to their DNS servers.  All clients point to their correct servers for DNS.  Cnn.com or msn.com or msnbc.com are smoking fast.  

I have heard about EDNS and I dumped that.  Still having a ton of problems.  Do you think it could be throughput with the router?  Thanks,

Brad
0
bhgewilson
Asked:
bhgewilson
  • 5
  • 4
  • 2
  • +2
1 Solution
 
scomo1026Commented:
I have had this problem before and This could be dns, or the t-1 provider. Can you post what your machines point to for dns and their roles, for example,

Server 1 win2000, ad, dns, gc points to itself for dns
Server 2 win2003, ad, dns, points to server 1 for dns
clients primary dns server 1, secondary dns server 2

If we verify dns is setup correctly, then I would say to call the actual line provider instead of the isp.
0
 
bhgewilsonAuthor Commented:
ISP is line provider.  Time Warner Telecom does both.

Server 1 is WIN 2000 , AD, DNS, Points to itself
Server 2 is WIN 2003, AD, DNS, Points to itself

Clients for server 1 point to server 1 primary and nobody secondary
Clients for server 2 point to server 2 Primary and nobody secondary

When I setup the clients directly in line with the ISP DNS still doesn't go out.  I tried to get to finance.yahoo.com and could not get out.  I then went and pinged finance.yahoo.com and got the IP.  I put the IP in the browser and still could not get out.  

Thanks for the comment.  Can you think of anything else.  Could there be something in the router that would stop requests from going through.

Brad
0
 
bmquintasCommented:
can you post results of nslookup (for yahoo.com) and tracert yahoo.com?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
scomo1026Commented:
Sounds very frustrating...

You say everything works fine at 9 in the morning and before?  I would say that dns is setup and working properly as dns doesn't decide what times to work and not work.  

I am going to assume you are using private IP addresses on the inside of your network for all nodes (pelase correct me if this is a false staement).

Are you running bgp?  Has the isp verified the line all the way back to the co, or just the local loops?

Have you verified there is not a machine, or multiple machines that have spyware/virus problems that get turned on about the time everything stops working?
0
 
Fatal_ExceptionCommented:
Hmm.. sounds suspiciously like a provider issue to me..  but I would question you about the timing, and if this is when a certain system on your LAN is powered up?  First thing I would do is put a sniffer on the wire and watch the traffic.  If your T1 is an ethernet connection to the DSU/CSU, that is where I would place it.  I use Ethereal, and you can dnload it for free.

If there is nothing suspicious there, then I would point to Time Warner.  There are some tests that can be run, provided by a Cisco Support site you might want to try...  

http://cosi-nms.sourceforge.net/

You might also run some diagnostics on your DNS server, but it just does not sound like the problem is on your side of the fence here..  Netdiag, DNSLint, and DCDiag are the ones I like...

FE
0
 
bhgewilsonAuthor Commented:
I haven't thought of the workstation issues.  Yes I can check computer by computer to see if this is a cause of the problem.  That is an excellent thought.  As for BGP I know that I am not but I will have to see for Time Warner.  When you say sniffer yes I know what a sniffer is but I haven't ever used one.  Would I just put a machine between the versapack ethernet connection and the router.  I think this is what ou said.  

Yes we are running NAT.

Is there an efficient way to rule out the router?
0
 
Fatal_ExceptionCommented:
Yea.  Packet Sniffers can tell you a lot, but be prepared to see a lot of data passing by.  I usually carry a hub and throw that on the line spliced between ethernet connections.  Usually it is placed on the inside of the LAN, but I would think that you could put it outside also on a T1 line..  In fact, on second thought, if you are running through a switch, put it on the line going out to your perimeter router and see what is passing by.  Only capture a few minutes of data, or you will be all night analyzing it.

Heck, you could also just take everyone off the line going out and test with a single machine.  Take a laptop and plug straight into the router with nothing behind you and see if it is happening.  Configure your laptop for TW's DNS servers and narrow it down.  If the problem is still there, then take the Router out of the loop, and plug directly into the CSU/DSU, configuring your laptop with all the external configurations (public IP, Gateway, etc..)..  Now, if it is still happening, you know it is Time Warner.  Nothing they could say then, eh?  :)

FE
0
 
Fatal_ExceptionCommented:
:)
0
 
bhgewilsonAuthor Commented:
We never did solve this issue but we are starting to look into the ISP.
0
 
Fatal_ExceptionCommented:
Yes, like I mentioned above, that is my thinking also...
0
 
bhgewilsonAuthor Commented:
OK WE FIXED THIS.  I have found out that our IS gave us 168.215.X.X address.  They must have used a Class C subnet mask.  On the router I put in a Class B subnet and it worked but very slow.  Once I put in the class C subnet mask everything got fast again.

Brad
0
 
Fatal_ExceptionCommented:
*grin*  just goes to show how important the mask is...  
0
 
moduloCommented:
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 5
  • 4
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now