Solved

SBS2011 Server losing packets

Posted on 2014-07-31
13
368 Views
Last Modified: 2014-08-04
Hello, so this customer of mine has a Windows network with SBS2011 Essentials on the server and W7 64bit on 3 clients.

There was a lag problem for all software on the clients connected with the server, so we tested it all by pinging and there's a heavy loss of packets when you ping the server from any client.

This doesn't happen when clients ping each other: no loss whatsoever.

Also, it doesn't happen if you ping a client from the server, so it's one-way only.

The packet loss seems to be totally random, it won't happen for an hour then start to happen every few minutes.

On average, I'd say about 5% of the packets is lost, but the loss happens in waves, so it's heavily felt on the client machines.

We tried changing switches and cables, disabling all non-essential services on the server but still we couldn't find the cause of this. We used Process Hacker and other tools, but to no avail.

The network is behind a Zyxel firewall, but it shouldn't interfere at all with the LAN.

So can anybody help me diagnose this? Thanks.
0
Comment
Question by:Daniele Brunengo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
  • 3
13 Comments
 
LVL 22

Accepted Solution

by:
David Atkin earned 250 total points
ID: 40232176
Hello,

I'd start by checking that your NIC drivers are up-to-date.  I'd think about swapping out the NIC as well to rule it out.

What switches do you have on site and how many?
0
 

Author Comment

by:Daniele Brunengo
ID: 40232188
Thanks.

About the switches, they have all been bypassed in one of our tests, we tried connecting all to the same switch, also changing the switch, and it still happens. Drivers are up to date. Trying another NIC is one thing we didn't try.

Right now I'm off-site though, so I can only work remotely. Is there anything software-wise you think I could try out?
0
 
LVL 16

Expert Comment

by:choward16980
ID: 40232215
Packet loss even after all that troubleshooting is almost guaranteed hardware.   You could check in device manager and see what you have your flow control, frame size, etc set to.  Although, I'm confident David's suggestion above about replacing your interface card is the best bet.  

In the worse case scenario, you could even have a bad onboard NIC or PCI bus.
0
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

 

Author Comment

by:Daniele Brunengo
ID: 40232232
I can try that on saturday. What seems strange to me though is the fact that the loss is only with client pinging server and not with server pinging client. I am just now pinging two clients from the server and I have 100% passed: at the same time I am pinging server from each client and I have 95% on one and 94% on the other.
0
 

Author Comment

by:Daniele Brunengo
ID: 40232234
Sorry, my colleague just told me he already tried with two different NICs, same problem.
0
 
LVL 16

Assisted Solution

by:choward16980
choward16980 earned 250 total points
ID: 40232529
Interesting... Try disabling windows firewall temporarily?  Test and see.  Do both server and client have IPv6 enabled?  Are you ping via Hostname or IP?

Make sure to clean up superfluous pointer records in your dns.

EDIT:

http://www.networksteve.com/forum/topic.php/Packet_Loss_-_Server_2012_&_HyperV/?TopicId=39878&Posts=9

Take a look at that also.  This seems to be a common issue but I've never heard of it.  The two culprits in most cases are ipv6 and dns, either misconfigured or duplicate pointer/host records
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 40233540
IPv6 would have been my next suggestion as well.

If you have any Anti-Virus installed on the server then temporarily disable this as well just to rule it out.

If you go on task manager and look at the network performance, is it doing anything unusual? Or is it relatively low activity?

Is the network gigabit?
0
 

Author Comment

by:Daniele Brunengo
ID: 40233550
The ping has been done via ip usually. Windows Firewall has been disabled on domain level.

I have been testing with IPv6 but disabling it doesn't seem to do the trick as it did for a guy in the page you found.

I still have to check dns.
0
 

Author Comment

by:Daniele Brunengo
ID: 40233590
Antivirus has been disabled together with most Services.Network's gigabit.

One importante thing I forgot to mention: safe mode with networking makes the problem go away.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 40233593
I'd refer back to the drivers again then.  When you replaced the network card was it the same model of card using the same driver?
0
 
LVL 16

Expert Comment

by:choward16980
ID: 40234507
I would go with an entirely different brand and chipset of network card (preferably intel if you're not already) and install the latest drivers from the website.

Also, not sure about windows 2012, but you used to have to do cleanup after p2v for windows.  I'm wondering, since microsoft's OS has strayed the user so far from the kernel, if going from 08 to 12 has installed some form of virtual or TAP devices for any of your legacy hardware.  Try taking a look at everything network related, delete and re-install in device manager.

How to show orphaned and hidden devices in device manager:
http://support.microsoft.com/kb/315539

set devmgr_show_nonpresent_devices=1
start devmgmt.msc
Click Show hidden devices on the View menu in Device Manager
0
 

Author Comment

by:Daniele Brunengo
ID: 40234765
We tried with 2 Intel cards and a Realtek chipset card. No change.

We're going to format everything tomorrow, it's taking too much time to diagnose this.
0
 

Author Comment

by:Daniele Brunengo
ID: 40239519
So after formatting everything's perfect. Still would have loved to know what the hell was wrong in the previous setup, but we inherited it and were on a schedule. I'll distribute points since you were all quite helpful and it was a learning experience.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Transparency shows that a company is the kind of business that it wants people to think it is.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question