Solved

DNS resolution very slow

Posted on 2008-09-30
24
468 Views
Last Modified: 2013-12-14
Hi

Users on my lan are complaining that there when they click onto ie for the first time it takes a very long time for the homepage to appear. We have a DSL connection to the internet and a vigor router connected to a sonicwall. It seems as if takes time to recognise the inital web site for example at the bottom right of ie it says web site found but then takes a good few to display. We run our own windows 2003 AD with internal DNS with forwarders pointing to our DSL provider DNS servers.

What could be wrong or how would i go about finding out what is making the internet for users so slow.

ta
0
Comment
Question by:kingcastle
  • 10
  • 4
  • 3
  • +3
24 Comments
 
LVL 5

Expert Comment

by:mredfelix
Comment Utility
troubleshooting

Are you using a proxy?
trying pluging a PC/laptop into the back off the sonicwall and see if it takes a long time.
Change to a different isp dns servers.
0
 

Author Comment

by:kingcastle
Comment Utility
no proxy invloved here at all.

i tried actually plugging my laptop directly into the vigor rotuer and it was fast enough but then again i would expect that i was the only one plugged into that device.

cheers
0
 
LVL 5

Expert Comment

by:mredfelix
Comment Utility
how fast is it on the windows server?

have you cleared the dns cach?
0
 

Author Comment

by:kingcastle
Comment Utility
windows server is much the same as lan and yes cleared the cache
0
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
If your DSL router supports DNS proxy - most do, then you may be better off pointing the forwarder at the router, that way, if the ISP updates the DNS servers, the proxy will update automatically and you will not have to re-configure the forwarder
0
 

Author Comment

by:kingcastle
Comment Utility
would implementing a proxy server on the lanb help this situation?
0
 

Author Comment

by:kingcastle
Comment Utility
kc how would i do that then, sound like a good plan becuase every thime the isp changes the dns server i have to call them up.

ta
0
 
LVL 5

Expert Comment

by:mredfelix
Comment Utility
are you lan pc's pointed to the gateway or the server?

If it is the gateway does it still take  along time when you are plugged into the first switch/hub the router is plugged in.

with the router set your nics dns to point to the router and imagine there is a tick box on the web console to turn it on.
0
 

Author Comment

by:kingcastle
Comment Utility
all gateways are pointed to the firewall
0
 
LVL 11

Expert Comment

by:Bertling
Comment Utility
if you log in to your sonicwall admin can you see how many conections are present? this is under the status section where you can see the serial and model etc.

if it is over 16000 then this could be your problem, as it will wait for a session to end before the next node is can access.

i have had this issue when one of our nodes had a virus on it. creating 1000s of sessions. it was being used to ddos or something allong those lines.
0
 

Author Comment

by:kingcastle
Comment Utility
hi all yeah the thing is that my dsl router is in front of my sonicwall in other words its on a differnt subnet so say my dsl router is on 192.168.10.100 but my sonicwall which is my lan default gateway is on 172.16.1.0 so how would i be able the point my dns forwarders from my AD DNS server on 172.16.1.0 to the router?cheers
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 70

Expert Comment

by:KCTS
Comment Utility
You make sure all the machines on the domain point to the internal DNS server ONLY and then set up a forwarder as detailed at http://www.petri.co.il/configure_dns_forwarding.htm
0
 

Author Comment

by:kingcastle
Comment Utility
hi kcts, yip i know that bit ok but at the mo my forwarders are pointing to my isp and i was interested when you said you could point them to your router and your router would handle it when the isp changed these dns settings, but on my last post i mentioned that all my lan clients point to the firewall and not the router so i was wondering how i get your way to work in that situation.

ta
0
 
LVL 9

Expert Comment

by:Press2Esc
Comment Utility
I am wondering if you are not having a line issue...  By default, when you repeatedly visit the same website (eg., homepage) your browsers work off of local cache.  

Have you ran a speed test recently?
Have you checked for packet loss recently (e.g., ping -t myhomepage.com)?
Have you added any new hardware or software?  Any network config changes?

P2E
0
 
LVL 11

Expert Comment

by:Bertling
Comment Utility
can you please advise the number of sessions on your firewall, as requested to rule this out
0
 

Author Comment

by:kingcastle
Comment Utility
no its defo not the number of connections, and its not a line problem either i dont think.

that dns automatically changing as and when the isp cahnges their dns server sounds good tho but i cant see where to do it as explained earlier
0
 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
DCdiag /fix:DNS
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
Comment Utility
Or you could try to flush the DNS cache of the server and remove all HOST file records except the 127 loopback address. The server will go to its DNS cache and HOST records before HOST A records in the forward lookup zone, then to an outside server.

To flush the DNS cach: type IPconfig /flushdns at the command prompt
To edit the HOST file, use a text editor (like wordpad), and delete all records except the loopback address. The host file is found in C:\Windows\system32\drivers\ect\Host
0
 

Author Comment

by:kingcastle
Comment Utility
im going give chiefit the points here as this turned out to be a dns issue. the first dns forwarder we had on our internal dns server was one our isp had taken offline once we moved to the proper dns forwarder from the isp it all worked well again.

so thanks all
0
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
My comment was :!

" If your DSL router supports DNS proxy - most do, then you may be better off pointing the forwarder at the router, that way, if the ISP updates the DNS servers, the proxy will update automatically and you will not have to re-configure the forwarder "
0
 

Author Comment

by:kingcastle
Comment Utility
oh good point, but my point was how would i do that, if my gateway on the lan was actually my firewall and not the router.

anyway how can i re assign some of these points
0
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
Its up to you - but if you want to, select "Request attention" and ask for the question to be re-opened.
0
 
LVL 38

Expert Comment

by:ChiefIT
Comment Utility
Well done KCTS: (ID: 22603644)

That's a good idea using a proxy to allow the outside DNS to dynamically update any changes. I like that idea.




0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now