WatrSkii
asked on
SBS 2003 DNS Slow Client Internet Browsing
Recently internet browsing from any clients connected to the internal lan of my SBS server has gotten painfully slow. In the past couple days it has gotten to the point where websites will timeout while "waiting for ..." whatever site is requested. I have isolated the problem to the SBS as when I connect a PC directly to my router the internet works fine (hence this post). I've searched through sevearl PAQ's however it appears that I'm already set the way they are requesting or the suggestions didnt solve the problem. I've included all the pertinent info I can think of. Please let me know if there is any more relevant information I can provide.
- SBS 2003 Standard, 2 NIC setup, internal LAN 192.168.16.x, external 10.0.0.x
- SBS provides all DHCP and DNS. All workstations and SBS NIC's point to 192.168.16.2 for DNS
- Forwarders are setup on DNS server pointing to ISP DNS servers
- Router has same DNS servers specified for when cliets connect to 10.0.0.x network which works correctly.
ipconfig /all from server:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>ipc onfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : psc01
Primary Dns Suffix . . . . . . . : mydomain.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : mydomain.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7771 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-18-FE-83-B8-5A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Ad
apter
Physical Address. . . . . . . . . : 00-1C-C4-11-DB-DA
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.47
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
- SBS 2003 Standard, 2 NIC setup, internal LAN 192.168.16.x, external 10.0.0.x
- SBS provides all DHCP and DNS. All workstations and SBS NIC's point to 192.168.16.2 for DNS
- Forwarders are setup on DNS server pointing to ISP DNS servers
- Router has same DNS servers specified for when cliets connect to 10.0.0.x network which works correctly.
ipconfig /all from server:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>ipc
Windows IP Configuration
Host Name . . . . . . . . . . . . : psc01
Primary Dns Suffix . . . . . . . : mydomain.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : mydomain.local
Ethernet adapter Server Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7771 Gigabit Server Adapter
Physical Address. . . . . . . . . : 00-18-FE-83-B8-5A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.16.2
Primary WINS Server . . . . . . . : 192.168.16.2
Ethernet adapter Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Ad
apter
Physical Address. . . . . . . . . : 00-1C-C4-11-DB-DA
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.2
DNS Servers . . . . . . . . . . . : 192.168.16.2
NetBIOS over Tcpip. . . . . . . . : Disabled
PPP adapter RAS Server (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.16.47
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
can you clarify when 2 NICs are needed?
ASKER
Ive always got 2 NICs in use. As far as why, when I setup the network I felt more comfortable from a security standpoint having an additional layer of protection with all traffic having to go through the SBS server. Not sure if that answers the question.
There are a few things.
1. make sure you have all root dns servers listed in yoru DNS Server Properties.
2. As long as you have those you do not need to put forwarders.
3. Your external DNS setting is set to an internal Address. Set that to your ISP DNS.
4. all clients DNS should point to the 192.168.16.2
try those.
1. make sure you have all root dns servers listed in yoru DNS Server Properties.
2. As long as you have those you do not need to put forwarders.
3. Your external DNS setting is set to an internal Address. Set that to your ISP DNS.
4. all clients DNS should point to the 192.168.16.2
try those.
You are running ISA correct?
ASKER
mickeyfan:
1. there are 13 entries on the root hints tab (a.root-servers.net through m.root-servers.net). All with various IPs. Is this what youre referring to?
2. I removed the forwarders previously with no improvement. Just to make sure I did it again.
3. Did not correct problem. And if I'm not mistaken this would only correct the matter for browsing from the server, right? Once a client is connected w/ the DNS server it doesnt matter what the dns server settings on the server machine are set to, or so I understood.
4. Yes they do.
No I'm not running ISA. Just SBS 2003 Std.
1. there are 13 entries on the root hints tab (a.root-servers.net through m.root-servers.net). All with various IPs. Is this what youre referring to?
2. I removed the forwarders previously with no improvement. Just to make sure I did it again.
3. Did not correct problem. And if I'm not mistaken this would only correct the matter for browsing from the server, right? Once a client is connected w/ the DNS server it doesnt matter what the dns server settings on the server machine are set to, or so I understood.
4. Yes they do.
No I'm not running ISA. Just SBS 2003 Std.
Yes that is correct.
Your SBS Server shoudl be doing all resolution for the server and the clients.
So browsing from the server and client have not changed?
Your SBS Server shoudl be doing all resolution for the server and the clients.
So browsing from the server and client have not changed?
ASKER
They have not. Currently about 1 in 10 tries results in a successful load for any pages. The rest just timeout. Even yahoo.com takes about 30 seconds to load.
What happens when you point one of your clients to your isp's DNS Server?
ASKER
hmmm. Same problem. What else could be causing this if its not DNS?
ASKER
Client works perfectly fine if plugged into the router (bypassing the SBS server). Both when set to full DHCP and with the DNS servers set to ISP.
Plugged directly into the router I get 18Mb down/1.3Mb up
Going through the SBS server I cant get the page to load unfortunately.
Plugged directly into the router I get 18Mb down/1.3Mb up
Going through the SBS server I cant get the page to load unfortunately.
Take out the DNS Setting on the External NIC and on the internal NIC put 127.0.0.1
ASKER
No change. The internet is still working through the SBS b/c it has since figured out the IP for experts exchange. Its just getting to new sites which poses the problem. I'm posting this with the settings you just listed, however still cant load any new pages (ie speakeasy).
Hi Guys, just thourght id put my two bob in here.
i have had a smillar problem in the past.
to fix this issue i had to do the following.
1. rerun CEICW - follow this : http://www.sbs-rocks.com/sbs2k3/sbs2k3-n2.htm
n.b. use forwarders not the ip address of your ISP
2. open DNS - check your forward and reverse lookup zones, check to see if there are any double up entries for your server.
scavenge stale records and clear your chache, then restart dns.
run a simple and recursive dns test. both should pass if no you have a dns problem.
most likley you ahve the wrong nic set to the primary ( check this in network connections -- advanced settings -- see that your internal nic is at the top of the adaptors and bindings list.
3. go into your DHCP config, make sure you have set the DNS to be your server and NOTHING ELSE.
also check to make sure you have setup the zone correctly, right ip addreses, maybe install wins for extra lookup ability and specifiy in both dns and dhcp.
hope this helps
i have had a smillar problem in the past.
to fix this issue i had to do the following.
1. rerun CEICW - follow this : http://www.sbs-rocks.com/sbs2k3/sbs2k3-n2.htm
n.b. use forwarders not the ip address of your ISP
2. open DNS - check your forward and reverse lookup zones, check to see if there are any double up entries for your server.
scavenge stale records and clear your chache, then restart dns.
run a simple and recursive dns test. both should pass if no you have a dns problem.
most likley you ahve the wrong nic set to the primary ( check this in network connections -- advanced settings -- see that your internal nic is at the top of the adaptors and bindings list.
3. go into your DHCP config, make sure you have set the DNS to be your server and NOTHING ELSE.
also check to make sure you have setup the zone correctly, right ip addreses, maybe install wins for extra lookup ability and specifiy in both dns and dhcp.
hope this helps
ASKER
tech tonic thanks for the tips. Just a quick response:
1. That was the first thing I tried.
2. Both tests passed after running the ceicw. I stumbled upon them when poking around in the dns settings.
3. I did verify this the DHCP server had the correct IPs.
Well it seems as though a server restart has aleviated the problem. I am skeptical that it is solved as this stands as partial reasoning as to the intermitent nature of this problem. I'm going to leave the question open for a couple of days to see if the problem resurfaces. If you have any suggestions to check for problems that might be solved w/ a restart I am eager to hear. At this point however its going to be difficult to test as things are working properly.
1. That was the first thing I tried.
2. Both tests passed after running the ceicw. I stumbled upon them when poking around in the dns settings.
3. I did verify this the DHCP server had the correct IPs.
Well it seems as though a server restart has aleviated the problem. I am skeptical that it is solved as this stands as partial reasoning as to the intermitent nature of this problem. I'm going to leave the question open for a couple of days to see if the problem resurfaces. If you have any suggestions to check for problems that might be solved w/ a restart I am eager to hear. At this point however its going to be difficult to test as things are working properly.
Restarting would clear the DNS Cache. I have seen SBS 2003 have issues with it's DNS Cache and every so often having to clear this Cache would help. Just a thought.
ASKER
Hmm. During my troubleshooting yesterday I performed multiple ipconfig /flush dns and ipconfig /register dns on both the server and clients. I also restarted the DNS and DHCP server and client services on both server and clients. I would think that would have had the same effect, but I've been wrong before. I will keep an eye out.
Those do not clear the DNS cache on the DNS server itself. that clear the local resolver cache not the DNS Server cache.
To clear the DNS Server cache there are 2 ways:
1. At a command prompt use c:\dns /clearcache
or
2. right click the DNS Server within the DNS Server snapin and select clear cache.
To clear the DNS Server cache there are 2 ways:
1. At a command prompt use c:\dns /clearcache
or
2. right click the DNS Server within the DNS Server snapin and select clear cache.
ASKER
Got it. That is good to know. I will try that first thing next time the problem arises.
ASKER
Alrighty, Problem has returned and here are the updated highlights. Please anyone who has any suggestions I am all ears:
- Clearing DNS cache did not solve the problem
- DNS server has been intermittently failing the recursive query test. Simple always passes. What should I be checking for this?
- When browsing from client, changing local dns settings to ISPs servers does not allow browsing when connected to server. However, connecting directly to the router (bypassing SBS server) aleviates problem completely. This is sort of leading me to wonder if its something else non DNS related on the server. Any thoughts?
- I turned on packet logging and noticed a bunch of weatherbug /weather.com entries in a row. Any idea if this is abnormal if one user is running weatherbug? Is it possible for a DNS server to get "flooded" and cause these problems?
Thats all I got right now. Im only around for another hour or so, after that it will be monday before I respond. Thanks in advance for any further help!
- Clearing DNS cache did not solve the problem
- DNS server has been intermittently failing the recursive query test. Simple always passes. What should I be checking for this?
- When browsing from client, changing local dns settings to ISPs servers does not allow browsing when connected to server. However, connecting directly to the router (bypassing SBS server) aleviates problem completely. This is sort of leading me to wonder if its something else non DNS related on the server. Any thoughts?
- I turned on packet logging and noticed a bunch of weatherbug /weather.com entries in a row. Any idea if this is abnormal if one user is running weatherbug? Is it possible for a DNS server to get "flooded" and cause these problems?
Thats all I got right now. Im only around for another hour or so, after that it will be monday before I respond. Thanks in advance for any further help!
Hi WatrSkii,
have you checked in your event viewer to see if there are any other services failing or wierd error messages?
to me it sounds like you have a failing DNS forwarder/DNS root hint.
when this route is unreachable it is causing your error.
at this stage, i'd try a diffrent forwarder or maybe checking your internet connection.
it maybe that the connection is "timing out" and you intermittingly lose connection.
this would not effect your router, but could effect your DNS server.
have you checked in your event viewer to see if there are any other services failing or wierd error messages?
to me it sounds like you have a failing DNS forwarder/DNS root hint.
when this route is unreachable it is causing your error.
at this stage, i'd try a diffrent forwarder or maybe checking your internet connection.
it maybe that the connection is "timing out" and you intermittingly lose connection.
this would not effect your router, but could effect your DNS server.
ASKER
Havent had any unusual errors/warnings. I did see the following in the DNS Server events, but it is listed as information, so I initially wrote it off. Dont know what it means honestly.
Event Type: Information
Event Source: DNS
Event Category: None
Event ID: 113
Date: 4/10/2009
Time: 2:36:54 PM
User: N/A
Computer: PSC01
Description:
The DNS server could not signal the service "NAT". The error was 1168. There may be interoperability problems between the DNS service and this service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Also the time doesnt really match the problems. Since I last posted the problems have been very intermitent. It seems as though they always start to surface right around lunchtime and into the afteroon. Everything is fine in the mornings and begins to correct again in the evening. Is it possible that network traffic is affecting the DNS server?
As far as internet connection goes it has been a bit flakey. Comcast has been doing some repairs in the area and our connection has been getting dropped for 20-30 min about every 3 to 4 days. This sounds like it might be along the lines you are talking about. However the internet connection has been functional the last couple times ive troubleshot the problem. It would have to be a failing conneciton causing the problem and then not getting resolved once the connection is restored.
I guess the question becomes what is the proper action to take when something does get messed up or when the problems do arise again? You spoke of using different forwarders, where would I get these if not from my ISP?
Event Type: Information
Event Source: DNS
Event Category: None
Event ID: 113
Date: 4/10/2009
Time: 2:36:54 PM
User: N/A
Computer: PSC01
Description:
The DNS server could not signal the service "NAT". The error was 1168. There may be interoperability problems between the DNS service and this service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Also the time doesnt really match the problems. Since I last posted the problems have been very intermitent. It seems as though they always start to surface right around lunchtime and into the afteroon. Everything is fine in the mornings and begins to correct again in the evening. Is it possible that network traffic is affecting the DNS server?
As far as internet connection goes it has been a bit flakey. Comcast has been doing some repairs in the area and our connection has been getting dropped for 20-30 min about every 3 to 4 days. This sounds like it might be along the lines you are talking about. However the internet connection has been functional the last couple times ive troubleshot the problem. It would have to be a failing conneciton causing the problem and then not getting resolved once the connection is restored.
I guess the question becomes what is the proper action to take when something does get messed up or when the problems do arise again? You spoke of using different forwarders, where would I get these if not from my ISP?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That all sounds very reasonable. I guess the only question I have left is how I can go about resolving the problem when it ocurs. Unfortunately restarting the server at lunchtime every coupe days is not really an option. It seems as though the problem is a residual one that gets fixed by something getting cleared during a restart. Any ideas as to how I can perform this "clearing" without a restart?
As far as looking at the ISP during the problem times what would be suggested? The past couple times I have tried using nslookup with to no avail. I believe this points to dns problems as well. When you say ping and resovle addresses are you talking about pinging domain names, not IPs? Would comparing behavior between the two be of any benefit?
I'm just trying to have a plan ready for the next time the problem pops up, as my chances to troubleshoot are a bit limiited.
Thanks for all the help so far!
As far as looking at the ISP during the problem times what would be suggested? The past couple times I have tried using nslookup with to no avail. I believe this points to dns problems as well. When you say ping and resovle addresses are you talking about pinging domain names, not IPs? Would comparing behavior between the two be of any benefit?
I'm just trying to have a plan ready for the next time the problem pops up, as my chances to troubleshoot are a bit limiited.
Thanks for all the help so far!
Hi WatrSkii,
Had the same problem on my SBS network, IE browsing just seemed to get slower and slower over a period of months. I gave OpenDNS a go and had an instant improvement (best of all its 'free'!): https://www.opendns.com/start/device/windows-server-2003
maybe worth a go,
best,
Lenny
Had the same problem on my SBS network, IE browsing just seemed to get slower and slower over a period of months. I gave OpenDNS a go and had an instant improvement (best of all its 'free'!): https://www.opendns.com/start/device/windows-server-2003
maybe worth a go,
best,
Lenny
ASKER
Well my internet connection has been stable for awhile now and the problem has not arisen so I am goign to go ahead and close out here. I think tech_tonic was right about my sloppy connection goofing with sbs. Or at least thats the best I can figure. Thanks for all your help guys!
First off...thanks for sharing all your experience and ideas.
I had the same problem on my SBS network. I removed all the forwarders and entered the DNS servers for my ISP (see WatrSkii's last entry for OpenDNS link with instructions) then I cleared the DNS cache. It is smoking now.
Just wanted to all my expeience. Thanks again!
I had the same problem on my SBS network. I removed all the forwarders and entered the DNS servers for my ISP (see WatrSkii's last entry for OpenDNS link with instructions) then I cleared the DNS cache. It is smoking now.
Just wanted to all my expeience. Thanks again!