?
Solved

DNS / Network issues on new network – where to start? Ipv6 issue?

Posted on 2011-10-07
17
Medium Priority
?
602 Views
Last Modified: 2012-05-12
Hi,

A new network we installed is having problems and I need some input.

***The problem***
DNS resolution seems to be failing. E.g. Slow internet page loads and various other issues.

***The network***
For historical reasons there is the following setup. One physical network. Has one WAN / Broadband connected served by a Draytek 2830 router which gives out DHCP on a range of 192.168.5.X. This serves general visitors and the wireless users not connected to domain.
Also there is another WAN / Broadband connection served by another Draytek 2830 (just put in by us). This is on a static range of IP on the subnet 172.168.6.X. Therefore the second 2830 does not have DHCP enabled and on this subnet is a new Windows 2008 server we put in and 10 workstations. They all have static IP’s

***Some details***
Users were complaining of slow internet, but not always. But we witnessed it at times. E.g. Google taking 30 seconds to load. Some images on pages not downloading
If we changed the DNS on a workstation to be Google DNS directly (rather than that of the server on the network) it immediately solved the issues on that PC. Although we had one issue where having Google DNS on a workstation meant that user could not get onto online banking, so had to change back to local server DNS and then they could.

It’s been an issue for  a week and when I think I have solved it because it can behave OK it rears its head again

***Questions****
1 ) What free tools can I use to try and establish what is happened? I’ve never used any network monitoring tools but I believe there are free ones which could see what traffic is going over it.
2 ) I’ve looked on the Event viewer for DNS and although some 5501 - DNS_EVENT_BAD_PACKET_LENGTH events as “information” (not an error or warning) over the past few days (maybe this is an indication) I can’t see anything else unusual.
3 ) A colleague suggested disabling IPv6 on the workstations because he noted that some of the PC’s had open sessions on the server using IPv6 IP rather than an IPv4. Could there be something in this?
4 ) IS there anything else anyone can suggest as to how I should go about resolving this problem. I really want to have a weekend.
0
Comment
Question by:afflik1923
17 Comments
 
LVL 11

Expert Comment

by:BillBondo
ID: 36931315
Use both DNS servers. Googles and yours. Try 2 machines and alternate the primary dns. Just a  thought.
0
 
LVL 11

Expert Comment

by:Kruno Džoić
ID: 36931336
do you have domain and DNS configured on 2008 server?
0
 

Author Comment

by:afflik1923
ID: 36931589
Yes. The Windows 2008 server has been configured with DNS and it has the local ISP DNS as forwarders and Googles.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36931809
Can you please post ipconfig /all from client and server.
0
 
LVL 19

Accepted Solution

by:
bevhost earned 2000 total points
ID: 36934232
3) it is important that you don't have public IPv6 addresses on machines that are not connected to the public internet.

If a machine has a public IPv6 address it will assume it is connected to the internet via IPv6 and will try to use it for DNS and connections to IPv6 services on the internet.  if this fails, it will time out and try IPv4 as a fallback.

If the IPv6 addresses are all starting with fe80:: then these are link local only and don't offer Internet or any remote network connectivity.  So these are fine even if you don;t have IPv6 connectivity.


Some machines may connect to IPv6 via some sort of transitional technology. eg teredo.  This can be disabled by netsh commands. (which I cannot remember of the top of my head but you could google.) You could also block protocol 41 in your firewall to prevent teredo.
0
 
LVL 19

Assisted Solution

by:bevhost
bevhost earned 2000 total points
ID: 36934488
netsh interface ipv6 set teredo disabled
0
 

Author Comment

by:afflik1923
ID: 36936087
From the server (I've adapted a few bits just to disguise the customer)

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER-S01
   Primary Dns Suffix  . . . . . . . : serveruk.local
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : serveruk.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
 VBD Client) #33
   Physical Address. . . . . . . . . : 78-2B-CB-4F-3E-73
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::cdcb:5a66:71cb:b68%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.168.20.250(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.168.20.1
   DHCPv6 IAID . . . . . . . . . . . : 309865419
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-FC-54-FE-78-2B-CB-4F-3E-75

   DNS Servers . . . . . . . . . . . : 172.168.20.250
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5709C NetXtreme II GigE (NDIS
 VBD Client) #31
   Physical Address. . . . . . . . . : 78-2B-CB-4F-3E-75
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D6304D8A-3A60-421A-B5F4-1D0F371AF79C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{103A7BC3-83A1-4111-B709-90D0C8DB72D2}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Open in new window

0
 

Author Comment

by:afflik1923
ID: 36936089
From a workstation. I welcome any input.

C:\Users\user.SERVERUK>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : WST-10
   Primary Dns Suffix  . . . . . . . : serveruk.local
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : serveruk.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) 82567LM-3 Gigabit Network Connec
tion
   Physical Address. . . . . . . . . : B8-AC-6F-2D-2E-8D
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 172.168.20.210(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.168.20.1
   DNS Servers . . . . . . . . . . . : 172.168.20.250
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7D4148C4-6E8E-4BF4-BCB1-B6A893699D00}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Open in new window

0
 

Author Comment

by:afflik1923
ID: 36936109
Note: In response to bevhost, from a PC that still had IPv6 enabled please see the below.

FRom what you said if the ipv6 address starts with fe80 then it is not a public facing one and therefore do you think that disabling the Ipv6 will not actually make any difference?

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connecti
on
   Physical Address. . . . . . . . . : 78-2B-CB-A5-89-9E
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::65e5:9d88:cd1c:34f1%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.168.20.205(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.168.20.250
   DHCPv6 IAID . . . . . . . . . . . : 236454771
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-FA-E2-4B-18-03-73-B1-0F-D9

   DNS Servers . . . . . . . . . . . : 8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Open in new window

0
 
LVL 19

Assisted Solution

by:bevhost
bevhost earned 2000 total points
ID: 36937157
That last one is only using a public DNS (google one I think).
Why not have more than one DNS server.
I like to use a local one, local ISP one and a global one.
eg (I assume 172.168 is a private range eg 172.16 or 192.168)
172.168.20.250, 4.2.2.2, 8.8.8.8

having more than one DNS is a good idea.
If you have two internal servers I would use both of them.

If your primary DNS goes away of becomes unresponsive, things will still work.
0
 

Author Comment

by:afflik1923
ID: 36937385
Rememebr the 8.8.8.8 entry was only added because it solved the slow responsivness problem. My understanding is that additional DNS servers only come into play IF there is no response at all from the first (In fact I posted a question on it)

http://www.experts-exchange.com/Networking/Protocols/DNS/Q_27382702.html

But my question is, do you think that disabling the ipv6 on each workstation could make a difference?
0
 
LVL 19

Expert Comment

by:bevhost
ID: 36937592
No I don't think disabling IPv6 will help.
0
 
LVL 19

Assisted Solution

by:bevhost
bevhost earned 2000 total points
ID: 36937637
I believe the answer you accepted in Q_27382702 is a little misleading/confusing.

Primary and Secondary DNS refer to name servers that have a domain name delegated to them.  both serve out the same information.  If someone changes the information, they change it on the primary and and the secondary takes a copy so that they remain in sync.

Clients who look up that domain cannot tell from the NS records which is the primary and which is the secondary.  That is what the SOA record is for.  The SOA record doesn't necessarily have to point to a name server that the domain is delegated to, so you may have a primary name server on a private network with many secondary public servers which you delegate the zone to on the public Internet.

All this has very little to do with the client having more than one DNS Server listed in its resolver.  
see
http://en.wikipedia.org/wiki/Domain_Name_System#Client_lookup
and the section on fallback.
http://en.wikipedia.org/wiki/Microsoft_DNS#The_effects_of_running_the_DNS_Client_service
0
 

Author Comment

by:afflik1923
ID: 36938018
Do you mind posting a follow up to my other thread even though I have awarded points. I might re-open another thread if it opens debate.
0
 
LVL 19

Expert Comment

by:bevhost
ID: 36938450
I think you'd be better off asking the  Q_27382702 question again.
be sure to state what operating systems you are talking about and make sure the question is about client resolvers not DNS hosting.

As for this question when you change the DNS settings does the problem go away?
Are you local DNS Servers and DNS Client Services crashing?  eg does a reboot of the client or a restart of DNS service on your server fix the problem?
0
 
LVL 19

Assisted Solution

by:bevhost
bevhost earned 2000 total points
ID: 36938454
You might want to install firebug in your browser to see why the pages take so long to load
see
http://getfirebug.com/network
0
 

Author Closing Comment

by:afflik1923
ID: 37021494
Hi,
note tht disabling ipV6 was the solution in this case. Thanks for the input on this matter.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses
Course of the Month13 days, 23 hours left to enroll

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question