Solved

Windows 7 machines dropping connection to domain

Posted on 2011-03-17
13
822 Views
Last Modified: 2012-05-11
Three out of the four Windows 7 machines are disconnecting from our server. I cannot ping anything, not the gateway, not the server, not anything on the network. I lose connection to the users desktop, documents, etc (JUST put folder redirection into place yesterday). I also setup Offline Files but they are not working properly (shows it's enabled in the sync center, but files still do not cache themeselves even though the desktop/documents are located on the server).

These disconnections are pretty frequent and random, particularly on one machine. It's currently disconnected so I can run tests for you tonight. The kicker is, if I release and renew the IP, they regain connection. This should lead us to the answer.

Server:
Windows Server 2008
Active Directory/Domain Controller, DHCP, DNS, Fileserver

Client(s):
Windows 7
DHCP auto configured
0
Comment
Question by:mtaylor584
  • 7
  • 6
13 Comments
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161139
Have you verified that you are not using IP's or being giving an IP by DHCP that is already in use or statically set somewhere else?  Do you have plenty of 'available' IP's left in the scope that are not already leased?
0
 

Author Comment

by:mtaylor584
ID: 35161270
That was my first thought, and no her address is not being leased by DHCP to anyone else. We have plenty left for lease.
0
 

Author Comment

by:mtaylor584
ID: 35161323
Turns out this is happening to all machines, regardless of OS, but the XP machines have offline folders so the users are able to continue woring. This is a big problem here at work, I'm going to stay here until midnight solving this if I have to. Last night I was here until then implementing this. If anyone has any ideas, I'm starting to suspect the NIC is going out. I've had problems with the NIC's on this machine in the past. I'm going to try and use another NIC, bear with me.
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161362
If your whole network is crumbling, and all machines are losing connectivity, your mgmt devices and sessions are crawling to a stop, then you may have a broadcast storm at play.

Check the nics out, and also look at your switches.  Do the lights look normal, or do you see weird and crazing flashing everywhere that does NOT look anywhere close to normal?  Do you have any small, older 5-port switches running, or new or old devices recently added?

I would suggest trying to narrow this down, and use a tool like wireshark to determine 'top talkers'.  Here's a guide to get you started.
http://sysadminhell.blogspot.com/2008/04/using-wireshark-to-determine-bandwidth.html

Wireshark download:
http://www.wireshark.org/download.html

Docs:
http://www.wireshark.org/docs/wsug_html_chunked/
http://www.wireshark.org/docs/man-pages/wireshark-filter.html
0
 

Author Comment

by:mtaylor584
ID: 35161370
I am unable to replace the NIC card as none are on hand.

I found something, the large the size of the pings (20000 bytes), the more pings time out on the server.

I'm sending the same size pings to other PC's on the network and they are responding with 0% packetloss. I get a 40% packet loss result when sending pings to server at 20000 bytes using this command. If I send 60000 byte packets, I get 100% loss. I'm wondering if servers are setup against DDoS attacks by implementing a rejection policy on large pings? Can anyone comment?

ping -l 20000 -n 100 xxx.xxx.xxx.xxx
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161419
Try updating the nic firmware, as well as updating or reinstalling the latest driver.  Disable TCP Chimney in the OS.
http://technet.microsoft.com/en-us/library/gg162682(WS.10).aspx

Also disable TCP Chimney in the nic's Driver Properties > Advanced tab.

If this doesn't resolve it, then I would use Wireshark to see what is really going on here.

There are actually 2 types of DoS protections using netsh.  It doesn't sound like you are using either here, but then again, I'm not familiar with your setup.
http://technet.microsoft.com/en-us/library/ee621833(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc726423(WS.10).aspx
0
 

Author Comment

by:mtaylor584
ID: 35161488
as I was looking for the TCP Chimney option in the driver properties, I noticed the Receive Buffers are set at 256, that is extremely low from what I've read. Should I increase to around 8000? The receive buffers is basically a curfew from what I've read, every 256 bytes of data sent, it requires a check-in to make sure the client has received that last packet, which in my case would be 256 (bytes?). I'm continuing to make those changes above.
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35161588
I would verify that both transmit and receive are set to at least 256, which is the default.  If you decide to increase it, then just monitor it to ensure it's improved.  It will consume more system memory, but this may not be of concern for you, depending on available resources.  For the most part, we leave ours set to 256, unless something else is needed.  For instance, we have some db servers set to a value of 1500.
0
 

Author Comment

by:mtaylor584
ID: 35162181
I've made those changes.

But what ended up fixing it, was changing to another port on the switch. That port on the switch is giving intermittent pings, I'm getting 100% now on the other gigabit port. It seems to really be bad in gigabit mode, when I plugged a 100mbit/s line in there it wasn't dropping as many packets. Perhaps an auto negotiation issue?

Either way, it's running great. Now I just need to figure out why there is no option for "Make available offline" on a particular share on the server.
0
 

Author Comment

by:mtaylor584
ID: 35162188
I'll give you these credits yelbaglf if this final question does not get answered. Does anyone have a response to the offline folders on the Server 2008 share. It's just this one share that does not allow "make available offline". I'm enabled in caching to always make this share available offline on the server side, clientside it doesn't appear to be working.
0
 
LVL 11

Accepted Solution

by:
yelbaglf earned 250 total points
ID: 35164371
I see you have it set on the server-side, but what about the client side?  Does yours look like the below image?  You may also try to disable and turn off caching on the folder, and then try enabling it again at both ends.  Sometimes your CSC cache folder can get corrupt and cause issues, especially since we were having connectivity issues earlier.  Are the other 'working' shares on this same server or a different server?  And are the 'working' and 'non-working' shares made available to the same group of clients?  Also, verify all NTFS and Share permissions for the share.

Cache
0
 

Author Closing Comment

by:mtaylor584
ID: 35184557
Absolutely fantastic answer. This was the problem, and was very difficult to find. This is going to receive a good amount of hits from google in time.
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35184897
Glad I could help!  
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SYSVOL corrupted 12 96
What the steps to diagnose DC replication? 3 35
How to find computer SID in windows server 2008 r2 3 106
EIGRP Bandwidth 9 21
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question