SpencerKarnovski
asked on
Strange network issue - users cannot connect to websites, or they take long to load.
Hello there. We are having some strange issues regarding connecting to websites from within our network. And users connecting to our network using Logmein are also having problems, slow loading pages, or disconnects.
ADSL - 8mb/512
Windows 2000 Server + MS Exchange.
Firewall handles the NAT.
100mb switch
Basically it either takes about x4 times as long to connect to a webpage - eg. the loading bar at the bottom of the page goes very slow. Or the page times out, or we get disconnected (in the case when we try to use logmein)
Now the reason why I think this is strange, is that it only happens to certain pages - hotmail loads fine, quick. Google loads fine, browsing seems fine. I have run speed tests, they are fine. I have called our ISP, they have done circut check, tested the lines, they seem fine. I have run malware scans on all PCs - checked that we have no one downloading or uploading big files.
I'm going to add wireshark to our server today. The only thing I can think of is to reinstall all NIC;s on affected PCs.
Oh, and another thing - which may or may not be direct at this particular problem. My boss suddenly cannot connect via Terminal Services from his home PC, nor logmein. Again, this could be a problem locally to him, but he says everthing else is working fine. Still, this might be another question.
Another option for me to try is to do a 24 hour line check and other diagnostics. Are there any other applications that can help me see if its our network connection causing these slow-downs/disconnects, or its the actual sites themselves. BTW: I have ping'ed, tracert to all listed sites, all came back fine.
Anyhoo - got any ideas of this one. I'm getting calls every minute about people not being able to connect.
Thanks.
ADSL - 8mb/512
Windows 2000 Server + MS Exchange.
Firewall handles the NAT.
100mb switch
Basically it either takes about x4 times as long to connect to a webpage - eg. the loading bar at the bottom of the page goes very slow. Or the page times out, or we get disconnected (in the case when we try to use logmein)
Now the reason why I think this is strange, is that it only happens to certain pages - hotmail loads fine, quick. Google loads fine, browsing seems fine. I have run speed tests, they are fine. I have called our ISP, they have done circut check, tested the lines, they seem fine. I have run malware scans on all PCs - checked that we have no one downloading or uploading big files.
I'm going to add wireshark to our server today. The only thing I can think of is to reinstall all NIC;s on affected PCs.
Oh, and another thing - which may or may not be direct at this particular problem. My boss suddenly cannot connect via Terminal Services from his home PC, nor logmein. Again, this could be a problem locally to him, but he says everthing else is working fine. Still, this might be another question.
Another option for me to try is to do a 24 hour line check and other diagnostics. Are there any other applications that can help me see if its our network connection causing these slow-downs/disconnects, or its the actual sites themselves. BTW: I have ping'ed, tracert to all listed sites, all came back fine.
Anyhoo - got any ideas of this one. I'm getting calls every minute about people not being able to connect.
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ah - sites to which you "log in" are genreally "secure" (HTTPS) sites using SSL. The most significant point here is that they run on port 443 instead of port 80.
Could something be intefering with port 443 access?
I have to say, it smells badly of a misconfigured proxy, in this particular case, it's handling port 80 traffic most of the time but going badly wrong when a site "goes secure" and switches you to port 443.
And if you get occsional screens from a proxy server, that's even more suspicion that your traffic is going via a proxy somewhere. If you dont' have a proxy server configured in the browser setup, taht would suggest to me that the ISP has implemented a "transparent proxy" and is catchign and routing your web traffic through it without your knowledge.
If nothing at your end has changed I have to suspect something new at the ISP end...
Could something be intefering with port 443 access?
I have to say, it smells badly of a misconfigured proxy, in this particular case, it's handling port 80 traffic most of the time but going badly wrong when a site "goes secure" and switches you to port 443.
And if you get occsional screens from a proxy server, that's even more suspicion that your traffic is going via a proxy somewhere. If you dont' have a proxy server configured in the browser setup, taht would suggest to me that the ISP has implemented a "transparent proxy" and is catchign and routing your web traffic through it without your knowledge.
If nothing at your end has changed I have to suspect something new at the ISP end...
ASKER
Hey cc
I'm going to give my ISP a call now, just to confirm if they are directing us through a proxy. I just got another call from a user.
She uses a delivery service called interlink express, on this page she has to enter a load of data, then preses print - and then a lable is printed on her portable label printer.
Now, strange thing is, she enters the data - then presses print. After that suddenly the page jumps back to an empty data sheet. This does this about 7/10. It seems that browsing is ok, its just when my users have to enter some information, then click a button - thats when the browser slows down.
Strange..
I'm going to give my ISP a call now, just to confirm if they are directing us through a proxy. I just got another call from a user.
She uses a delivery service called interlink express, on this page she has to enter a load of data, then preses print - and then a lable is printed on her portable label printer.
Now, strange thing is, she enters the data - then presses print. After that suddenly the page jumps back to an empty data sheet. This does this about 7/10. It seems that browsing is ok, its just when my users have to enter some information, then click a button - thats when the browser slows down.
Strange..
I have to say, these are all classic signs of mis-behaving proxy server. Works fine on "plain" pages, anything that goes secure, anuthing that has form-fill or returns data to the server, starts to be more difficult for the proxy to do properly...
ASKER
Hi - I have called my ISP, and there are no proxy servers on our broadband line.
However, I just looked into the server logs and got this error.
"The virtual memory needed to run the exchange server is fragmented in such a way that normal operation is beginning to fail - we need to restart the exchange services".
So I then checked the Disk Management tool, and our drives are heavy de fragmented. I did defrag a while ago, but it must have got cancelled. Could a heavly fragmented HD cause the slowdowns previsously discussed?
Will be running a defrag tonight..
Another issue stated in the server event viewer.
"Scope 192.168.0.0 is 100% full with onlyl 0 IP addresses remaining".
Also, just spoke to my boss and he said at 17:30 (leaving time for most staff) that the problems (connecting via logmein + TC) went away. So this would indicate network congestion is a possible cause. however, no workstation is download/uploading anything - i have run scans.
Again, could this be due to the load on a heavily fragmented server?
thanks
However, I just looked into the server logs and got this error.
"The virtual memory needed to run the exchange server is fragmented in such a way that normal operation is beginning to fail - we need to restart the exchange services".
So I then checked the Disk Management tool, and our drives are heavy de fragmented. I did defrag a while ago, but it must have got cancelled. Could a heavly fragmented HD cause the slowdowns previsously discussed?
Will be running a defrag tonight..
Another issue stated in the server event viewer.
"Scope 192.168.0.0 is 100% full with onlyl 0 IP addresses remaining".
Also, just spoke to my boss and he said at 17:30 (leaving time for most staff) that the problems (connecting via logmein + TC) went away. So this would indicate network congestion is a possible cause. however, no workstation is download/uploading anything - i have run scans.
Again, could this be due to the load on a heavily fragmented server?
thanks
ASKER
Well, turns out all these issue was caused by a highly defragmented hard drive on the server. I had been running degrag, but always running this from an RD connection, so when I closed the RD window it stopped the defrag - even though there is a message saying the opposite.
However, I have also deframented the drive locally, and windows did not do a great job. I installed disk keep pro and it fixed all the above issues. It also speeded up the server, and now my boss can connect via TC without getting disconnected.
However, I have also deframented the drive locally, and windows did not do a great job. I installed disk keep pro and it fixed all the above issues. It also speeded up the server, and now my boss can connect via TC without getting disconnected.
ASKER
Good information was posted.
ASKER
We are not connected to a proxy through our ISP, and nothing has changed in this regard as far as I'm aware. However, I do on occasion get a proxy login box appear, but as expressed. I really do not know where this is coming from. Something for me to investigate!
This problem has only started over the page 36 hours though, and nothing from our normal setup has changed. As for a dodgy switch port, could well be. But, not all users are suffering from the slow connections/disconnects.
It does seem that most sites that are unreachable are secure sites that have the user logging in. Like connecting to online bank accounts, logmein etc..
I have been keeping an eye on the router status page, we have not be intermittently disconnecting.
Ok, so to recap. Areas for me to investigate are;
Poxy Server
Switch ports
Can you add to this list, thanks.