Solved

Windows 7 machines dropping connection to domain

Posted on 2011-03-17
13
836 Views
Last Modified: 2012-05-11
Three out of the four Windows 7 machines are disconnecting from our server. I cannot ping anything, not the gateway, not the server, not anything on the network. I lose connection to the users desktop, documents, etc (JUST put folder redirection into place yesterday). I also setup Offline Files but they are not working properly (shows it's enabled in the sync center, but files still do not cache themeselves even though the desktop/documents are located on the server).

These disconnections are pretty frequent and random, particularly on one machine. It's currently disconnected so I can run tests for you tonight. The kicker is, if I release and renew the IP, they regain connection. This should lead us to the answer.

Server:
Windows Server 2008
Active Directory/Domain Controller, DHCP, DNS, Fileserver

Client(s):
Windows 7
DHCP auto configured
0
Comment
Question by:mtaylor584
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161139
Have you verified that you are not using IP's or being giving an IP by DHCP that is already in use or statically set somewhere else?  Do you have plenty of 'available' IP's left in the scope that are not already leased?
0
 

Author Comment

by:mtaylor584
ID: 35161270
That was my first thought, and no her address is not being leased by DHCP to anyone else. We have plenty left for lease.
0
 

Author Comment

by:mtaylor584
ID: 35161323
Turns out this is happening to all machines, regardless of OS, but the XP machines have offline folders so the users are able to continue woring. This is a big problem here at work, I'm going to stay here until midnight solving this if I have to. Last night I was here until then implementing this. If anyone has any ideas, I'm starting to suspect the NIC is going out. I've had problems with the NIC's on this machine in the past. I'm going to try and use another NIC, bear with me.
0
Get Database Help Now w/ Support & Database Audit

Keeping your database environment tuned, optimized and high-performance is key to achieving business goals. If your database goes down, so does your business. Percona experts have a long history of helping enterprises ensure their databases are running smoothly.

 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161362
If your whole network is crumbling, and all machines are losing connectivity, your mgmt devices and sessions are crawling to a stop, then you may have a broadcast storm at play.

Check the nics out, and also look at your switches.  Do the lights look normal, or do you see weird and crazing flashing everywhere that does NOT look anywhere close to normal?  Do you have any small, older 5-port switches running, or new or old devices recently added?

I would suggest trying to narrow this down, and use a tool like wireshark to determine 'top talkers'.  Here's a guide to get you started.
http://sysadminhell.blogspot.com/2008/04/using-wireshark-to-determine-bandwidth.html

Wireshark download:
http://www.wireshark.org/download.html

Docs:
http://www.wireshark.org/docs/wsug_html_chunked/
http://www.wireshark.org/docs/man-pages/wireshark-filter.html
0
 

Author Comment

by:mtaylor584
ID: 35161370
I am unable to replace the NIC card as none are on hand.

I found something, the large the size of the pings (20000 bytes), the more pings time out on the server.

I'm sending the same size pings to other PC's on the network and they are responding with 0% packetloss. I get a 40% packet loss result when sending pings to server at 20000 bytes using this command. If I send 60000 byte packets, I get 100% loss. I'm wondering if servers are setup against DDoS attacks by implementing a rejection policy on large pings? Can anyone comment?

ping -l 20000 -n 100 xxx.xxx.xxx.xxx
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161419
Try updating the nic firmware, as well as updating or reinstalling the latest driver.  Disable TCP Chimney in the OS.
http://technet.microsoft.com/en-us/library/gg162682(WS.10).aspx

Also disable TCP Chimney in the nic's Driver Properties > Advanced tab.

If this doesn't resolve it, then I would use Wireshark to see what is really going on here.

There are actually 2 types of DoS protections using netsh.  It doesn't sound like you are using either here, but then again, I'm not familiar with your setup.
http://technet.microsoft.com/en-us/library/ee621833(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc726423(WS.10).aspx
0
 

Author Comment

by:mtaylor584
ID: 35161488
as I was looking for the TCP Chimney option in the driver properties, I noticed the Receive Buffers are set at 256, that is extremely low from what I've read. Should I increase to around 8000? The receive buffers is basically a curfew from what I've read, every 256 bytes of data sent, it requires a check-in to make sure the client has received that last packet, which in my case would be 256 (bytes?). I'm continuing to make those changes above.
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161588
I would verify that both transmit and receive are set to at least 256, which is the default.  If you decide to increase it, then just monitor it to ensure it's improved.  It will consume more system memory, but this may not be of concern for you, depending on available resources.  For the most part, we leave ours set to 256, unless something else is needed.  For instance, we have some db servers set to a value of 1500.
0
 

Author Comment

by:mtaylor584
ID: 35162181
I've made those changes.

But what ended up fixing it, was changing to another port on the switch. That port on the switch is giving intermittent pings, I'm getting 100% now on the other gigabit port. It seems to really be bad in gigabit mode, when I plugged a 100mbit/s line in there it wasn't dropping as many packets. Perhaps an auto negotiation issue?

Either way, it's running great. Now I just need to figure out why there is no option for "Make available offline" on a particular share on the server.
0
 

Author Comment

by:mtaylor584
ID: 35162188
I'll give you these credits yelbaglf if this final question does not get answered. Does anyone have a response to the offline folders on the Server 2008 share. It's just this one share that does not allow "make available offline". I'm enabled in caching to always make this share available offline on the server side, clientside it doesn't appear to be working.
0
 
LVL 11

Accepted Solution

by:
yelbaglf earned 250 total points
ID: 35164371
I see you have it set on the server-side, but what about the client side?  Does yours look like the below image?  You may also try to disable and turn off caching on the folder, and then try enabling it again at both ends.  Sometimes your CSC cache folder can get corrupt and cause issues, especially since we were having connectivity issues earlier.  Are the other 'working' shares on this same server or a different server?  And are the 'working' and 'non-working' shares made available to the same group of clients?  Also, verify all NTFS and Share permissions for the share.

Cache
0
 

Author Closing Comment

by:mtaylor584
ID: 35184557
Absolutely fantastic answer. This was the problem, and was very difficult to find. This is going to receive a good amount of hits from google in time.
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35184897
Glad I could help!  
0

Featured Post

Don't Miss ATEN at InfoComm 2017!

Visit booth #2167 to see the  new ATEN VM3200 32 x 32 Modular Matrix Switch. Other highlights include the VE8950 4K HDMI Over IP Extender, VS1912 12-Port DP Video Wall Media Player  and VK2100 ATEN Control System. Register now with Free Pass Code ATEN288!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your computer hacked? learn how to detect and delete malware in your PC
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question