Solved

Slow Internet Through Lan

Posted on 2014-09-28
9
413 Views
Last Modified: 2014-09-30
I have a medium sized network with 2 domain controllers that handle DNS and DHCP. They are failovers for each other. I have the DNS entries on each server as 10.1.x.x and 10.1.x.y with a third DNS entry of an ISP DNS server. I have recently upgraded to Cisco managed switches SG300 series. For some reason my users are experiencing slow web page response when they try to access an internet site. It seems to be having trouble resolving the URLs via DNS. When users attach to my guest public network, which is before my firewall and switches, the responses are normal on the same Internet pipe. Should I be setting up DNS on the switches as well? Not real sure what the proper protocol is for this scenario.

Please let me know if anything is unclear or more info is needed.

Thanks
0
Comment
Question by:JJENSEN3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 58

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 166 total points
ID: 40349134
You should bit have any DNS entries pointing non AD DNS servers. That alone can cause real performance issues.   To improve external lookups, another thing you can do is configure your DNS servers to use forwarders that have quick response times for your uplinks. Perhaps ISP DNS servers, or perhaps other 3rd party servers. Root hints are very reliable, but you usually sacrifice some performance for that reliability.
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 40349135
Hello,

How many users are affected?  Is it all or just some?  Is everyone using the same computer specs?  I don't think DNS is necessary on the switches directly.  Have you already tried flushing DNS cache on the workstations?  Are you using DNS forwarding on the domain controllers?  If not, I would recommend setting DNS forwarding on both controllers and point them to google's or open DNS servers.
0
 
LVL 15

Accepted Solution

by:
Skyler Kincaid earned 334 total points
ID: 40349251
Typically with Active Directory Integrated DNS zones there is no reason to have the DNS servers pointing at each other for DNS.

For each server you should have the DNS servers be its IP address and the loopback IP of 127.0.0.1. You should also disable root hints and enabled forwarders (we also set forwarders to 8.8.8.8 and 8.8.4.4).

As the first post said you never want to use the ISPs DNS servers. Google's DNS servers are much less likely to go down or have issues.

When you are handing out DHCP you would then hand out both of your DNS servers and nothing else.

If that doesn't work can you try setting static DNS servers on one of the computers, flushing DNS and seeing if you are able to browse normally? If you are then it is a problem with your DNS servers that we will have to dive into deeper.

Let me know if you need help with disabling root hints and setting up the forwarders.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:JJENSEN3
ID: 40349969
Great input from everyone. I definitely see I have some things to try. xKincaidx, I could use some help with setting up forwarders and disabling root hints.
0
 

Author Comment

by:JJENSEN3
ID: 40350886
In addition to all of this, I have a Sonicwall TZ215 firewall. What DNS server settings should I use? ISP or my internal servers?
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40350892
Why does it need DNS at all? The answer to that will answer your question.
0
 
LVL 17

Expert Comment

by:bigeven2002
ID: 40351370
If I remember correctly he sonic wall does have active directory integration.  If you use this feature then you can use the internal servers, otherwise set them to your ISP servers or whatever your DNS forwarding is pointing to.
0
 
LVL 15

Assisted Solution

by:Skyler Kincaid
Skyler Kincaid earned 334 total points
ID: 40351480
Set the Sonicwall's DNS servers to 8.8.8.8 and 8.8.4.4.

To disable root hints on your DNS servers:

1. Open the DNS console
2. Right click on your server
3. Click on properties
4. Uncheck the "use root hints if no forwarders are available box"
5. Click edit and add 8.8.8.8 and 8.8.4.4
6. Restart the DNS server and client services

Let us know if you have any questions.
0
 

Author Closing Comment

by:JJENSEN3
ID: 40352021
Updating these settings and reducing some firewall scanning has significantly improved performance. Thank you to all.
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question