2 NICs on webserver 1 external and one interneal - Access to SQL database from PCs on internal to this server is slow and often times out

Posted on 2007-10-16
Last Modified: 2010-03-18
We have an internal network for LAN applications & an external network for our webserver (which hosts a few simple websites & our web based helpdesk system with an SQL back end)
The internal network connects to the internet via a Sonicwall firewall connected to a router
The external network connects to the internet via a Watchgourd firewall connected to the same router.

All networking on both network are fine, except we recently needed to acess the SQL helpdesk database from the internal network as we have a Windows interface which is faster for us, compared to the web interface.

To acheive this we put a 2nd nIc in the SQL Web server on the external network and gave the 2nd nic IP/SM entries for the internal network - thus this server has a link to the internal network
I did not specify a gateway or DNS on this 2nd nic.

From the internal network I  can now map to the drives on this server and ping it with no errors.
I also setup and ODBC link to the web server with the SQL database so my helpdsk windows application works.

However, performance with the helpdesk is sometimes ok, other times sluggish and sometime we get errors that relates to a loss of connection to the SQL database.  Each time this happens mapped drives are ok and pings are fine.

If I use the windows application on a laptop connected on the external network directly I get no issues, so it points to a network problem.

Any ideas and have we setup the dual card correctly on the web server.
By the way the 2nd nic is new and we have tested it since in case that was faulty.
No errors in the server event logs but there are errors in the PC log when this issue occurs - it specifies timeout errors.

Any help is appreciated.
Question by:support_realtime
    LVL 38

    Expert Comment

    by:Jim P.
    I'm guessing what is happening is that your clients are getting to your server by going out and coming back into your network.

    If you do a tracert to the server from the client you'll see it going to the external IP address. You should change the routing cost at the last switch/router before the server/firewall to make the internal IP address a lower cost than the going to the external address.

    Author Comment

    I suspected that this was happening -will check it and advise.
    Not sure how to change the cost though - I have a sonicwall for the external firewall if you have any ideas.

    Author Comment

    I get the following resu;ts:
    Tracing route to over a maximum of 30 hops
      1    <1 ms    <1 ms    <1 ms
    Trace complete.
    This implies that I am going straight to the LAN card on the server as is the IP of the card on the webserver linked to the local LAN.

    However, at present I can access the helpdesk application - maybe I should retry this when the issue occurs.
    LVL 38

    Expert Comment

    by:Jim P.
    From a windows machine at a dos prompt you can see the routes on a machine is by using the route command like route print.

    Router configuration is a different animal.

    Author Comment

    If i disable the external network card on the server (the one used by the webserver) then all works fine. When I enable it sometimes I connetc to the database and work fine other times it may be slow and often timeout, then work again a short while lataer.

    Can you confirm if I need to make the change on the server or the PC - I assume server.
    Also what do I need to enter?
    LVL 38

    Accepted Solution

    The routing table on the sonicwall needs to be adjusted. Anything coming internally needs to be routed through the one NIC. Anything coming form outside needs to be routed to the other one.

    You should discuss it with whover manages your sonicwall.
    LVL 38

    Expert Comment

    by:Jim P.
    Glad to be of assistance. May all your days get brighter and brighter.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Read about achieving the basic levels of HRIS security in the workplace.
    Slowly Changing Dimension Transformation component in data task flow is very useful for us to manage and control how data changes in SSIS.
    Video by: Steve
    Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
    Viewers will learn how the fundamental information of how to create a table.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now