Solved

Internet Access Problem

Posted on 2008-10-17
17
312 Views
Last Modified: 2011-10-19
Have a LAN with a switch and a gateway and about 50 workstations. We have Windows 2003 server handling DHCP, DNS, AD and File Server, and 2MB bandwidth Internet Access.

Occasionally, when many are accessing the Internet, the Internet Access disappears. It's hard to pinpoint the problem, though I suspect the server is overloaded and can't handle the DNS.

Any ideas? How to check, diagnose?
0
Comment
Question by:Jason210
  • 7
  • 6
  • 2
  • +1
17 Comments
 
LVL 1

Accepted Solution

by:
duggy22 earned 300 total points
ID: 22741186
I think I would lean toward the ISP or a piece of networking equipment on this one.  We have customers with single servers that have 100 users and do ok.  I would start of by doing a ping 4.2.2.2 -t and keeping an eye on it when it goes down.  If you loose packets its your infrastructure equipment or the ISP.  Hope that helps.

0
 
LVL 11

Author Comment

by:Jason210
ID: 22741283
Hi Duggy & thanks.
Some questions.
What is a 4.2.2.2 address?
Also, how can I know if it's the infrastructure euqipment or the ISP?
By infratsructure, you mean the switches or the router, right?
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22741335
First how is DNS configured on your server(s)?  I assume you use forwarders for DNS not root hints...
DNS points to itself in tcpip properties of the lan conection of the server?
When the issue occurs how do you resolve it?  Power cycle the equipment?  Have users stop using the internet?
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 200 total points
ID: 22741718
Ryansoto's comments would be my first suggestions. My second guess would be a problem with SP1 on the server or a multihomed server. Intermittent comms are often caused by either or. But since we are playing with DNS, It is probably a preferred DNS or forwarders problem, as Ryansoto was commenting on.

SP1 has a fault that can flood a single NIC. The recommended fix on the below article says to get a hotfix. The preferred fix is to download SP2. For details see this link.
http://support.microsoft.com/default.aspx?scid=kb;en-us;898060

Multihomed servers sometimes go to the wrong NIC for DNS resolution. If you are using dual NICs, consider disabling one. One NIC is plenty for this environment. Before doing so, please tell us if you are using dual NICs. Disabling one NIC might leave metadata on the server that could slow down or knock down communications.



0
 
LVL 1

Assisted Solution

by:duggy22
duggy22 earned 300 total points
ID: 22742353
In regaurd to your questions to me, 4.2.2.2 is a not a root dns server, but it is a major server out there on the internet.  That will tell you if you have an internet problem and not a DNS problem.  If it does turn out that it is an internet problem then you can put a continuous ping on the inside IP of your firewall and and that will tell you if it is something on your network dropping.

Thanks.
0
 
LVL 11

Author Comment

by:Jason210
ID: 22747955
Thanks for all your comments.
So far I have not be able to resolev the issue. It resolves itself after 5 minutes. Any action that I could take, such as a power cycle, would take at leasta as long.
I'll try these ping checks on Monday if it happens again.
 
 
 
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 200 total points
ID: 22748883
--Managed Switches and routers have to be on the same mode of operation before they can communicate well with eachother. I once had this issues where my router was set to 100Mb full duplex and the swtich was set to autonegotiate. I saw intermittent internet access as a result. As far as I know, this is a Cisco quirk and not all devices. So, what make and model are your switches and routers??

--Also, can you provide us information on how DNS is configured within the forwarders tab. This certainly will knock down Internet access periodically.  Example of what we are looking for:
Forwarders (ISP's IP addresses) = 1.2.3.4 and 1.2.3.5
Recursion is disabled

--Never did find out what SP you were on or if you are on a multihomed DC.
0
 
LVL 11

Author Comment

by:Jason210
ID: 22751501
Thanks everyone for all the input. I have some good starting points now.
ChiefIT:
The router is Zyxell Zywall 35

The swtiches are HP ProCurve 2600 series.
I will check the DNS forwarders on Monday.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 38

Expert Comment

by:ChiefIT
ID: 22902192
Sorry I haven't replied in a while.

Any progress with the DNS forwarders?
0
 
LVL 11

Author Comment

by:Jason210
ID: 23128668
The DNS fowarders are set to the ISP's Primary & Secondary DNS addresses, which they provided.
0
 
LVL 11

Author Comment

by:Jason210
ID: 23128673
I have attached a file showing are set up.
Hardware-configuration.pdf
0
 
LVL 38

Assisted Solution

by:ChiefIT
ChiefIT earned 200 total points
ID: 23190636
When internet is down for that five minutes, try pinging an outside website by its IP, then by NSLOOKUP of its FQDN:

Example:

Ping 74.125.45.100

Then NSLookup www.google.com

This is two ways communicating with google.com. One checks connection with use of IP and the other through DNS. This will help us to pinpoint if the issue is DNS related only or if it is the entire network.

If the entire network, I would guess it is a configuration issue between the router and switch, or a bad wire.

If DNS, it sounds like your Nic configuration preferred DNS servers are incorrect on the server itself.

0
 
LVL 11

Author Comment

by:Jason210
ID: 23323989
Chief IT
Over the Christmas holiday I got the ISP people to send me a new modem (better make & model), and also to check their line. Everything was ok so this is NOT a problem on their side of the modem.
The preferred DNS servers are set to the correct ones.
So just waiting for this problem to occur again and hopefully I'll be around to do the tests...
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 24596409
angelll:

The new modem from the ISP seemed to resolve the issue. No response means to me that he hasn't seen the issue pop up again after the replacement modem was put in place.

Points refunded to:
01/08/09 01:44 AM, ID: 23323989

as the final answer would be my suggestion on how to close this question out.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 24596448
OOPs:

I didn't realize the very first comment made such a request to contact the ISP and look for replacement hardware:

I changed my recommendation to duggy22 PAQ:

10/17/08 04:30 AM, ID: 22741186
0
 
LVL 11

Author Closing Comment

by:Jason210
ID: 31507131
Some great suggestions here thanks!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now