Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 876
  • Last Modified:

Windows 7 machines dropping connection to domain

Three out of the four Windows 7 machines are disconnecting from our server. I cannot ping anything, not the gateway, not the server, not anything on the network. I lose connection to the users desktop, documents, etc (JUST put folder redirection into place yesterday). I also setup Offline Files but they are not working properly (shows it's enabled in the sync center, but files still do not cache themeselves even though the desktop/documents are located on the server).

These disconnections are pretty frequent and random, particularly on one machine. It's currently disconnected so I can run tests for you tonight. The kicker is, if I release and renew the IP, they regain connection. This should lead us to the answer.

Server:
Windows Server 2008
Active Directory/Domain Controller, DHCP, DNS, Fileserver

Client(s):
Windows 7
DHCP auto configured
0
mtaylor584
Asked:
mtaylor584
  • 7
  • 6
1 Solution
 
yelbaglfCommented:
Have you verified that you are not using IP's or being giving an IP by DHCP that is already in use or statically set somewhere else?  Do you have plenty of 'available' IP's left in the scope that are not already leased?
0
 
mtaylor584Author Commented:
That was my first thought, and no her address is not being leased by DHCP to anyone else. We have plenty left for lease.
0
 
mtaylor584Author Commented:
Turns out this is happening to all machines, regardless of OS, but the XP machines have offline folders so the users are able to continue woring. This is a big problem here at work, I'm going to stay here until midnight solving this if I have to. Last night I was here until then implementing this. If anyone has any ideas, I'm starting to suspect the NIC is going out. I've had problems with the NIC's on this machine in the past. I'm going to try and use another NIC, bear with me.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
yelbaglfCommented:
If your whole network is crumbling, and all machines are losing connectivity, your mgmt devices and sessions are crawling to a stop, then you may have a broadcast storm at play.

Check the nics out, and also look at your switches.  Do the lights look normal, or do you see weird and crazing flashing everywhere that does NOT look anywhere close to normal?  Do you have any small, older 5-port switches running, or new or old devices recently added?

I would suggest trying to narrow this down, and use a tool like wireshark to determine 'top talkers'.  Here's a guide to get you started.
http://sysadminhell.blogspot.com/2008/04/using-wireshark-to-determine-bandwidth.html

Wireshark download:
http://www.wireshark.org/download.html

Docs:
http://www.wireshark.org/docs/wsug_html_chunked/
http://www.wireshark.org/docs/man-pages/wireshark-filter.html
0
 
mtaylor584Author Commented:
I am unable to replace the NIC card as none are on hand.

I found something, the large the size of the pings (20000 bytes), the more pings time out on the server.

I'm sending the same size pings to other PC's on the network and they are responding with 0% packetloss. I get a 40% packet loss result when sending pings to server at 20000 bytes using this command. If I send 60000 byte packets, I get 100% loss. I'm wondering if servers are setup against DDoS attacks by implementing a rejection policy on large pings? Can anyone comment?

ping -l 20000 -n 100 xxx.xxx.xxx.xxx
0
 
yelbaglfCommented:
Try updating the nic firmware, as well as updating or reinstalling the latest driver.  Disable TCP Chimney in the OS.
http://technet.microsoft.com/en-us/library/gg162682(WS.10).aspx

Also disable TCP Chimney in the nic's Driver Properties > Advanced tab.

If this doesn't resolve it, then I would use Wireshark to see what is really going on here.

There are actually 2 types of DoS protections using netsh.  It doesn't sound like you are using either here, but then again, I'm not familiar with your setup.
http://technet.microsoft.com/en-us/library/ee621833(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc726423(WS.10).aspx
0
 
mtaylor584Author Commented:
as I was looking for the TCP Chimney option in the driver properties, I noticed the Receive Buffers are set at 256, that is extremely low from what I've read. Should I increase to around 8000? The receive buffers is basically a curfew from what I've read, every 256 bytes of data sent, it requires a check-in to make sure the client has received that last packet, which in my case would be 256 (bytes?). I'm continuing to make those changes above.
0
 
yelbaglfCommented:
I would verify that both transmit and receive are set to at least 256, which is the default.  If you decide to increase it, then just monitor it to ensure it's improved.  It will consume more system memory, but this may not be of concern for you, depending on available resources.  For the most part, we leave ours set to 256, unless something else is needed.  For instance, we have some db servers set to a value of 1500.
0
 
mtaylor584Author Commented:
I've made those changes.

But what ended up fixing it, was changing to another port on the switch. That port on the switch is giving intermittent pings, I'm getting 100% now on the other gigabit port. It seems to really be bad in gigabit mode, when I plugged a 100mbit/s line in there it wasn't dropping as many packets. Perhaps an auto negotiation issue?

Either way, it's running great. Now I just need to figure out why there is no option for "Make available offline" on a particular share on the server.
0
 
mtaylor584Author Commented:
I'll give you these credits yelbaglf if this final question does not get answered. Does anyone have a response to the offline folders on the Server 2008 share. It's just this one share that does not allow "make available offline". I'm enabled in caching to always make this share available offline on the server side, clientside it doesn't appear to be working.
0
 
yelbaglfCommented:
I see you have it set on the server-side, but what about the client side?  Does yours look like the below image?  You may also try to disable and turn off caching on the folder, and then try enabling it again at both ends.  Sometimes your CSC cache folder can get corrupt and cause issues, especially since we were having connectivity issues earlier.  Are the other 'working' shares on this same server or a different server?  And are the 'working' and 'non-working' shares made available to the same group of clients?  Also, verify all NTFS and Share permissions for the share.

Cache
0
 
mtaylor584Author Commented:
Absolutely fantastic answer. This was the problem, and was very difficult to find. This is going to receive a good amount of hits from google in time.
0
 
yelbaglfCommented:
Glad I could help!  
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now