Slow Internet access

'I verified that the Dns SERVER is configured correctly'

How? How is it configured exactly? Every server I come across running 2008 R2 needs Forwarders setup to make the internet resolution work 100% of the time...have you added Forwarders to your setup?

The forwarders are setup with ISP DNS server.

Add these DNS servers

208.67.222.222
208.67.220.220

Those are OPENDNS's servers...ISP DNS servers aren't always up to the task...that's the first thing I'd do

On the client machine when you run this

nslookup www.yahoo.com

What is returned?

We have an exchange server and when we added the opens a entries we were receiving certificate error messages.   Let me try it again

Certificate errors? Not sure what that means exactly...never got an error when inserting Forwarders unless the internet itself was down...

Just to confirm another thing - the DC has only 1 DNS entry on the main nic yes? The ip of the server itself?

Same for your clients?

When I added the Opendns to forwarders when running outlook they get a certificate error which is our mail server address.  Mail.server.comt.    It adds a t on the end of .com.  I have dhcp setup for clients pointing to server nic

Ok this makes no sense at all...

Forwarders are on the server, clients should never talk to them directly...

Can you post results of

ipconfig /all

from the server and 1 client please?

I will post it later today
Thanks

Server IP information.  Local LAN 4 is a Hyper V connection that we have setup on the server.  


Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : Jamescontrols.lan
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Jamescontrols.lan

Ethernet adapter Local Area Connection 4:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : hyperv
   Physical Address. . . . . . . . . : E0-DB-55-09-34-D8
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.2.3(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : E0-DB-55-09-34-D6
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1
   DNS Servers . . . . . . . . . . . : 192.168.2.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{433983D7-FA8E-4EE5-AA0E-A8ED3F759F59}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DEAD5774-0A39-4D17-8CB2-37D754F40337}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Client IP Address

   Host Name . . . . . . . . . . . . : cmccarthy
   Primary Dns Suffix  . . . . . . . : Jamescontrols.lan
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Jamescontrols.lan

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Jamescontrols.lan
   Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connecti
on
   Physical Address. . . . . . . . . : 90-B1-1C-9B-3F-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.2.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, July 17, 2013 4:03:31 PM
   Lease Expires . . . . . . . . . . : Thursday, July 25, 2013 4:03:31 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.2
   DNS Servers . . . . . . . . . . . : 192.168.2.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Jamescontrols.lan:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Jamescontrols.lan
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Both those look spot on

Ok 2 questions

1. Is browsing faster when u added OpenDNS servers?
2. You said u get cert errors after adding OpenDNS entries - can u post screenshot for us to see?

Remove ur actual public dns name for security reasons

I wouldn't know if open DNS is any faster because of I don't leave them active because of the cert error.    
 

The error is exactly of what is attached but at the top instead of autodiscover. is says


mail.server.comt.   For some reason there is a T on the end of.com   Looks like it wasn't typed correctly but this only happens when running opendns addresses.  OWA work fine with no cert errors.
certWarning.png

This is from Outlook clients yes?

The part that you blanked out on the error screen - 'autodiscover.' - are you saying that it says

autodiscover.server.comt?
Instead of
autodiscover.server.com?

This is moving away from the initial 'slow internet' question but I'll see what I can assist with...

On a client when you DON'T have OpenDNS listed in Forwarders what does

nslookup <mail.yourdomain.com>

return?

This more and more sounds like a DNS config issue on the OUTSIDE of your network - but again depends on how you've setup your A records for your domain...

What address do you access OWA on from the INSIDE of the network? Are you using the FQDN public name like

https://mail.mydomain.com/owa

Or the sometimes used internal name like

https://mail.mydomain.local/owa?

you are correct regarding mail server saying mail.server.comt instead of mail.server.com.  This only happens when opendns forwarders are in.  

Looks like a DNS issue when I run nslookup on client I get the following response


C:\Users\mgalante.JAMESCONTROLS>nslookup mail.server.com
Server:  UnKnown
Address:  192.168.2.2

DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

Ok, that output was when you DON'T have OpenDNS...what is returned when you DO have it listed?

Blank the public ip as well - but if it shows the CORRECT public ip then report that
If it reports the INCORRECT public ip again let us know

I made a mistake with last post.  MY fault.

After running NSLOOKUP mail.server.com

Results
Server:  UnKnown
Address:  192.168.2.2

name: mail.server.com
Address 192.168.2.4

I used wrong domain on last nslookup.  My apologies

NSLOOKUP WITH OPENDNS

2.2.168.192.in-addr.arpa
        primary name server = localhost
        responsible mail addr = nobody.invalid
        serial  = 1
        refresh = 600 (10 mins)
        retry   = 1200 (20 mins)
        expire  = 604800 (7 days)
        default TTL = 10800 (3 hours)
Server:  UnKnown
Address:  192.168.2.2

Name:    mail.SERVER.com
Address:  192.168.2.4

Did you run those nslookups from a CLIENT?

YES

Well from that I can see resolution is working...its resolving your 'mail.yourdomain.com' to the internal IP of the mail server - this is normal...

How did you setup Outlook? Check the Account settings for the client to see what name is listed in the server section...

What version Outlook? What version Exchange?

Exchange 2010, outlook 2010

server address is mail.server.com.     So you think maybe my firewall or switch is causing the Speed issue?

Not sure...

Lets see if Google's DNS servers report the same issue...

Remove OpenDNS entries and add these 2

8.8.8.8
8.8.4.4

Those are Google's DNS servers - want to see if the exact same issue arises(with the cert issue)...

With gooogle dns server I am receiving no certificate errors.   Lets see how the speed is.

Speed with IE is still an issue.  Page are displaying correctly or  I get page can not be displayed.   Got me stumped.

Having the same issue with IE and google chrome.   I am leaning towards hardware issue.  Firewall is Netgear vpn fvs318n with a 48 port gigabit switch.

Yep I'm heading that direction myself...what type of broadband are you connected to? Wonder can we get your machine(a client laptop/pc) plugged into the router directly - setup with public DNS entries on the machine and retest...

If this works - we are back to square one...if it doesn't - you have a hardware issue I think

Fios Broadband.  I am going to try that early next week and see what happens.
I will post my results.

Thanks for your help.

Cool...will wait for the results

Ok, I plugged directly into Verizon's modem and internet was no problem.  I connect directly to firewall and the speeds are running slow again.  page can not be displayed, taking 1-2 mins to load.  The Netgear vpn firewall is a month old.  Not sure if I should try switching out firewall or if it is a internal server issue.
JB

Are you connected DIRECTLY to the firewall? No switch in between? If so then your firewall is the issue I'd guess...

When directly connected try using public DNS server entries(again this takes servers out of your loop) - if this passes and you can get good speeds and resolution then yes...your server is the bottleneck...if not then the firewall is doing something that is causing your issue

Not familiar with the Netgear models...does it have any type of 'filtering' applied to connections?

I am going to put the dns entries for my isp into one of the client machines. tonight.  I will let you know how I make out.
Thanks
Jon

You know what I did notice.   We are running a hyper v machine on our domain controller.   In the event viewer I see a duplicate name exist on the network.   I ran nbtstat -n.  It is giving my the actually primary NIC address 192.168.2.2 and the virtual nic 192.168.2.3.  I wonder if this is causing some of our problems.   Also the 192.168.2.3 address only has subnet mask is this normal for hyper v.    ##### is because I removed domain name.  Let me know what you think.  
Thanks


Local Area Connection:
Node IpAddress: [192.168.2.2] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    SERVER         <00>  UNIQUE      Registered
    #####  <00>  GROUP       Registered
    #####  <1C>  GROUP       Registered
    SERVER         <20>  UNIQUE      Registered
    #####  <1B>  UNIQUE      Registered

Local Area Connection 4:
Node IpAddress: [192.168.2.3] Scope Id: []

                NetBIOS Local Name Table

       Name               Type         Status
    ---------------------------------------------
    SERVER         <00>  UNIQUE      Registered
    #####  <00>  GROUP       Registered
    #####  <1C>  GROUP       Registered
    SERVER         <20>  UNIQUE      Registered
    #####  <1B>  UNIQUE      Registered

C:\Users\Administrator>

I'm by no means a Hyper-V expert but I don't think its a good idea to run a VM on a DC at all...so yes this could be causing issues in general...

Are there 2 physical nics in the server? Normally you assign 1 nic to the VM to try to split these type of issues...

Other thing to look at is in the DNS Console of the server - right click server, properties
Under the Interfaces tab - what ip is listed for 'Listen on'? Should only be the ip of the actual DC - so check that the 2.3 ip isn't listening for DNS queries...

I know it is not a good idea to run hyper v on DC but client didn't want to spend additional cash?   The 2.2 is the only IP listening in the DNS.       The 2.3 is configured as a hyper v virtual adapter.    the actual hyper v ip is 2.4.  

   When I ping the server from the client it responds with the 2.2 address.

Thanks for your help.

2 questions...

1) This 'slow internet' - how long has it been happening? Any chance its since or not long after you spun up the VM on this machine?

2) Duplicate name exists on network - that's not a good sign...like I said I'm not that hot on Hyper-V at all but I assume its because the Hyper-V instance has created the virtual nic(2.3) and now that's sitting alongside the existing physical nic on the SAME machine...so DNS gets confused...

It was running good while the hyper v was running they had Comcast and after a few months and some new employees they noticed the internet was slow.    They switched to Fios and it didn't improve at all.   When you are connected directly to fios speed is great.     I guess I can try and take down hyper v disable the NIC and see how it runs then.

That would be a good test yes

Shut down the Vm disabled the hyper v NIC and still having internet issues.    I am leaning towards switching out the firewall to see what happens.
Jon

2 more things...

Did you reboot the host after stopping the VM and disabling the virtual nic?

Did you at any time put a public dns entry on a client machine to see if resolution works? Obviously it will break internal things(AD/Outlook) but just to see if resolution to outside works - this would eliminate the firewall i think...

I input the public dns into a client and had no problems at all.    so it looks like a DNS issue on the server.  Not sure where to go from here.    
Thanks for your input.
Jon

Good...we are getting places at least...

Ok well this now comes back to Hyper-V I think...since its not supported or even recommended running on a DC I think it has to be related(since all your other settings are per recommended best practises)

What does this VM do exactly?

If it were me I'd now go back to the client and advise that running this VM on the domain controller is leading to these issues...surely they can afford to even spin up a decent high spec pc of sorts and even run VM Player if needed...not sure of what exactly the VM is doing but from the logs on the server and the issues with DNS I'd have to conclude its related to the Hyper-V unfortunately...

THE vm machine is running exchange 2010.  I shutdown the vm machine disabled the nic rebooted the server and a  client machine.   I am still having the same issue event with the vm machine shut down and nic disabled.    I will do some more research tonight to so if I can find out what is causing this.
Thanks for your help.
jon

Thanks for the help  smckeown777