Internet access is very slow - related to exchange transport service on TMG

I posted this question a few months ago and was having difficulties resolving the issues. Since then I think i may have narrowed the cause down.  My original post is marked between the ### lines:

#######################################################################

We have an EBS 2008 network comprising of the usual management server, exchange server and Forefront server (ISA).

The installation and migration was pretty much issue free and went well and has been running for about 10 months now. I would say that on average, internet access is slower than what would be considered normal. But the real problem is that internet access has diminished to a crawl. This started to happen randomly and for different lengths of time. It didnt happen everyday but when it did, it maybe lasted for 40 minutes or 3 - 4 hours. Then it returned to normal with no intervention. Now it is constantly slow. I mean web sites take 30 seconds to load. Download speeds are reduced to 4Kb/s.

I have added a few rules to ISA to allow access to ftp sites but other than that the system is pretty much the same as the default EBS configuration.


During troubleshooting, i have:

- rebooted ISA server and router - result: no change. Problem still exists.
- disconnected the ISA server and replaced  it with a single, separate router. Result: internet access was amazingly fast - ie the problem disappeared.  Reconnecting the ISA server causes the problem to re-appear.

It looks like the problem is involving the ISA sevrer in some part.  I thought it might be a setting in ISA's configuration but since the problem is random it wouldnt make sense.

I have read a few articles on DNS causing problems for ISA but i'm fairly sure that DNS is setup ok. The LAN card DNS points to internal DNS servers. The internal DNS servers have forwarders setup to the ISP's DNS servers.  

I have also applied MS KB839510 with no change. My NICs are binded in the correct order ie LAN first then WAN. There are no teamed network ports or anything else out-of-the-ordinary.

###########################################################################

Now, since then I have opened a case with MS. They took logs, traces and other information. The case lasted for a few weeks and toward the end the problem had stopped - case closed and everyone happy. Then, a week later, out of the blue it all started again.

So after a bit of an idea-trashing session with colleagues, I went through the services on the TMG server and stopped them one by one and tested the internet speed. I discovered that when the Microsoft Exchange Transport service was stopped, internet access was restored to normal - really fast. This scenario was tested extensively. There is no email in the queue so thats not the cause.

Any help much appreciated.
CruthinAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

muzzi_inCommented:
After reading above description i have couple of steps which need to perform on exchange server,

1) rename the Queue Folder (if there is any corrupted email stuck in the Queue it try to send that email  again and again and it consume high internet bandwidth, P.S. that mail will not visible in Queue)
stop Transport service go to Exchange install folder\Transportrole\data\Queue, rename it
and then start the Transport service,

2) Enable Anti spam agent,
40% Internet bandwidth utilize by spammer.
http://technet.microsoft.com/en-us/library/bb201691.aspx
http://msexchangeteam.com/archive/2006/11/17/431555.aspx
http://msexchangeteam.com/archive/2007/01/03/432050.aspx

3) make sure there is no Open relay and there is no dedicated not trusted IP address added in relay / receive connectors.
4) if there is no IMAP / POP users , keep disable the service.
5) make sure there is no messages are stuck in users Outbox / draft folder, if find delete them
0
DNadon57Commented:
I had a similar problem when I first installed EBS and found that it was DNS resolution that was extremely slow.  It was caused by flood mitigation settings in TMG.  I found that adding the Messaging and Management servers to the exclusion list for flood mitigation and increasing the MAX connections settings per minute per IP and MAX concurrent UDP sessions per IP address resolved the problem.  Have a look at your Flood Mitigation settings in the Firewall policy section of TMG.
0
CruthinAuthor Commented:
muzzi,

I have renamed the queue folder and restarted the service - the problem has dissapeared!  But I will wait for a few days before i am satisfied as we are on holidays and there are no users using the system at the minute.

DNadon47 - I had looked at your suggestion a few months months ago and did add both the servers to the exclusion list. I have made a lot of changes and i will re-visit this area to check.  By the way, how did you think SCE performed? I found that the agent hogged processor time on the client and decided to disable it altogther on the clients. I would like to use but can't because of the complaints from users.

Thanks to all.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

CruthinAuthor Commented:
When all users returned to work, the problem re-occurs - even when the exchange transport is  disabled.

Any other Ideas?
0
vindenCommented:
Make sure Forefront SP2 is installed, since this seems like it's Forefront related.




0
vindenCommented:
You should really narrow it down once and for all.
You said it was forefront related cause it did not occur when forefront was replaced with a small router. But later on you mentioned stopping the exchange transport server to see if the problems disappears.
First thing you need now is knowing 100% which server or service is causing the problem, otherwise you're complicating things.
0
CruthinAuthor Commented:
After a long battle we discovered that changing the router solved the issue.  That's not to say we didn't try that already - this was the 5th routing device which we replaced - but a different manufacturer was used this time.

Thanks for your help
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rodneygrayCommented:
I am having the same problem. I stop the transport service, delete the old queue folder and restart transport service. Then for a while, all is well. This happens about once per week. Just wanted everyone to know that this is not a random issue.
0
tekniteCommented:
For reference and after reading this post, I decided to stop ALL exchange services, get all users to delete all mails in their outbox and drafts folders, then renamed the Queue directory "Exchange install folder\Transportrole\data\Queue", recreated a new Queue directory and restarted ALL appropriate Exchange services and indeed the problem was solved..... Cheers guys.. :o)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.