asked on

TCP/IP stack bad on SBS 2003 box?

I noticed the other day that our remote offices were having trouble pinging our SBS box at our primary location. Initially, the primary offices were able to successfully ping SBS box but as of this morning, that is no longer the case either by the ip or the fqdn.

I can still access our SBS server from the START, Run command and by terminal services. I can also ping all the other servers and clients FROM the SBS box but they cannot recognize that box is even on the network. Ive tried disabling the AV firewall on our SBS server, restarting the dns service and eventually the server itself. Ive also confirmed all the ptr and a records in addition to the NIC configuration. Ive run dcdiag and netdiag /fix with no luck. I also ran dcdiag /v /test:dns. This last test reveals a number of forwarding errors but comparing the configuration with one of our other servers didnt show any differences.

Per this article, http://support.microsoft.com/kb/317518/, I suspect that I may need to reset the tcp stack on the SBS box but as this is obviously the primary DC, Im hesitant to do so. Any other ideas on what might be causing the behavior I described?

For further information, we are running 7 servers, all server 2003 except for the one SBS 2003 box. We have two servers acting as secondary dc's and the SBS box as the primary.

The only hint towards a possible cause, is an error I show in the dcdiag /test:dns call following after every FQDN listed in the Root Hints tab of the DNS server tab :

      DNS server: 193.0.14.129 (k.root-servers.net.)
      1 test failure on this DNS server
      This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129 [Error details: 9003 (Type: Win32 Description: DNS name does not exist.)]

The odd thing is that these are the same listings on our other servers which are working just fine.

ASKER CERTIFIED SOLUTION

Brian Pierce

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

scrathcyboy

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

jenieh

ASKER

Thanks to you both for the suggestions. KCTS, I already checked the DNS settings on all the servers and reconfirmed that wasn't the problem. I also have both forwarders and root hints set. Scratchyboy, rebuilding the stack on a workstation isn't the solution and because this is the primary DNS I'm reticent to rebuild the stack on the SBS box.

For now I traced part of the issue back to the ISA server that we recently disabled in order to test a web filter appliance that we are evaluating.

Everytime I tried to review the firewall settings on the SBS box, I kept getting the error message: "Windows Firewall cannot run because another program or service is running that might use the network address translation component (Ipnat.sys)."

I went into Device Manager, chose Show Hidden Devices, and open "Non-Plug and Play Drivers". I stopped the "IP Network Address Translator" and the ISA Server Network Address Translation Driver. Next, I cleared the cache on the DNS server and restarted it and am now able to ping the server from workstations throughout the network. Finally, I reran dcdiag /fix and then dcdiag /test:dns /v.

Unfortunately I'm still getting the fowarding error in the test:dns results.

jenieh

ASKER

Neither response really worked for me but I split the points due to the fact that they did help point me in the right direction.

Thanks again to both of you for your help!

scardenas22

Hello Jenieh-

I am having a similar problem with my SBS. How did you end up fixing this issue?

Thanks