Solved

Trace route on a Windows 7 clients times out  for Google.com

Posted on 2015-01-16
43
356 Views
Last Modified: 2015-01-19
Any ideas why a trace route on a Windows 7 clients times out (*) for Google.com? Same tracert works fine when initiated from the server & domain router (Linksys).

This is a Windows Server 2008 R2 domain. Client claims that a server reboot or Comcast router reset the network  responds normally but slows down after a couple of hours. Clients & Server 2008 R2 all run Trend anti-virus

DSL Reports Speed test:
13.7M down/1.3M with 32ms latency at the server (tests remotely via LogMeIn)

Comcast router was replaced & I can't currently logon but the domain router seems to work fine. Hopefully Comcast router is full pass through. Domain router passes out DHCP to clients.
0
Comment
Question by:Randy Downs
  • 25
  • 14
  • 3
  • +1
43 Comments
 
LVL 29

Author Comment

by:Randy Downs
ID: 40554800
Note that other clients are similarly slow on the network & at least one has the same issues with trace route.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555270
traceroute on windows uses ICMP packets.
First many providers might not want their internal network mapped out so they discard/ignore/not respond these.  These are also low priority such that they are not responded to.

Traceroute is a snapshot of the path the packet you sent took to get to the destination.

are you saying that you have X systems, two of which get these timeout responses while the rest do not?
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555293
It's a small Windows 2008 R2 domain and the 2 clients I tested timed out with trace route. The server had no problems and neither did the router that handles the network (192.168.0.xxx).

The Comcast cable modem was changed out yesterday because of speed issues. Customer complains that it takes 20-30 seconds to make a connection to Google. When the server is rebooted they claim that response times are OK for a couple of hours.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555297
Note that the browser on at least 1 client fails to connect to websites so I starting to suspect cable modem is not pass through as it should be.
0
 
LVL 17

Assisted Solution

by:BudDurland
BudDurland earned 32 total points
ID: 40555309
Have you tried eliminating DNS as a factor?  You said the "domain router' is handing out DHCP.  Which machine is handling DNS?  Of course, the Domain controller should be, but how is it configured to resolve non-local hosts (forwarders, etc).
0
 
LVL 57

Assisted Solution

by:Jim Dettman (Microsoft MVP/ EE MVE)
Jim Dettman (Microsoft MVP/ EE MVE) earned 63 total points
ID: 40555310
Check for DNS issues...can you do a trace route by IP to google OK?

Jim.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555334
The tracert for 2607:f8b0:4000:809::1008 works fine so I guess DNS is the culprit. It's a single server domain,

ipconfig /all shows the server as handling DNS & gateway but it lists the server (192.168.0.XXX) and an ipv6. Listing the ipconfig. I hope it doesn't reveal any public ips. I masked the last set of numbers on ipV4 & ipV6 with Xs.

 It looks like the cable router is acting as a gateway & DNS server. I will need to reset Comcast router unless the office has the password. Default doesn't seem to work.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-4D-A2-F9-C0-96
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:e:1301:e7f0:a8cc:fdb2:140:XXXX(Prefe
rred)
   Temporary IPv6 Address. . . . . . : 2601:e:1301:e7f0:790b:b76e:3424:XXXX(Pref
erred)
   Link-local IPv6 Address . . . . . : fe80::a8cc:fdb2:140:246f%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.X(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::4af8:b3ff:feb2:60d0%XX
                                       192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 250629538
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B6-81-E8-F0-4D-A2-F9-C0-96

   DNS Servers . . . . . . . . . . . : 2601:e:1301:e7f0:4af8:b3ff:feb2:XXXX
                                       192.168.0.XXX
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
 
LVL 76

Accepted Solution

by:
arnold earned 405 total points
ID: 40555353
If your SBS functions as a router WAN external connection, LAN internal Connection?


192.168.
172.16-31.x
10.x.x.x are private IP spaces and need not be masqueraded as ........ use these IPs in various aspects.  one need only masquerade Public IPs.

If you lookup google.com and use the IP in the browser, does the page load?

Try resetting IE and make sure when it prompts for the initial config, do not skip and see if the issue is related to user skipping the initial IE config which ends up running IE in a restricted mode.

disable friendly errors, and see what the actual error is.  if any.

Presumably all systems refer to the SBS as the DNS provider.  Does your SBS DNS settings include forwarding or is the system looks up and caches the information requested of it.?

If forwarders are defined, I would suggest removing them.
0
 
LVL 57

Assisted Solution

by:Jim Dettman (Microsoft MVP/ EE MVE)
Jim Dettman (Microsoft MVP/ EE MVE) earned 63 total points
ID: 40555384
<<If forwarders are defined, I would suggest removing them. >>

 If he removes the forwarder, nothing is going to resolve if he still points an internal server for DNS.

 Sounds like the forwarding is currently broken.   What's probably happened is that the existing forwarder points to a DNS server that is no longer available.   Since the server works, do an ipconfig/all on the server and seeing what it lists for DNS servers.  

 You either need to fix the forwarder on the server, or point the clients to another DNS server.

 I would do the former and let the server handle all the DNS queries.   Setup is here:

http://technet.microsoft.com/en-us/library/cc754941.aspx

Jim.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555395
The DNS has or should have root servers listed. Forwarders were often advised long ago to offset the bandwidth consumption from the DNS lookups.  The use of forwarders at times prevents the caching of responses or can lead to DNS poisoning if a forwarder is no longer available.

As long as the local DNS server is not defined as a root server, it should have all the root servers a.root-servers.net -l.root-servers.net in the root servers list under the properties of the DNS server in DNS management interface.

An SBS/AD must never have its client pointing to external DNS servers or the AD environment will not function.  The workstations in an AD environment query the DNS to locate the DC in the environment through which they authenticate users.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555404
I deleted a forwarder that didn't resolve - 192.168.0.2. I think that is a carry over from when the domain had another DC. This domain was at another location a few months ago.

When I ping Google.com I get 2607:f8b0:4000:807::1001. Ping times out as expected but I do get a Google search for that text.

This not SBS and no it doesn't function as router for WAN/LAN. I was using Chrome for the connections but I will give IE a try. I am not sure that the IPV6 is the Windows 2008 R2 Standard server. is there a way to tell?
0
 
LVL 57
ID: 40555412
before we go any further, is this a SBS server?  What's the general setup for the domain?

Jim.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555418
look at the DHCP server configuration, scope options, and see whose DNS Ips you are setting there.
It seems that the DNS is being set to the same server one using an IPv6 IP and one using an IPv4 IP.

I would not blame it on the browser.  But there is no way based on the information you provided to determine what the issue is, but only suggestion on things to check.

compare the IPs of the systems that work with the IPs of the systems that do not work.
note the IP and Mask. Comapre them to the settings on the router. i.e. a mask mismatch would cause this type of trouble. i.e. mask set to 255.255.255.128 on the non working IP

Is your DHCP server configured to assign both IPv4 and IPv6 ips?

The system whose info you posted, is using a static IP
Is this IP part of allocation group on the DHCP server such that it might have been assigned to another system?
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555437
Jim this is not SBS. There is just one server - Windows 2008 R2 Standard
0
 
LVL 76

Expert Comment

by:arnold
ID: 40555441
Which systems allocates IPs router, windows server, or Statically configured on each workstation?
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555444
DHCP is being handled by the domain router (Linksys). It hands out ips from 192.168.0.100 to .149. DNS on the router is 75.75.75 & 75/75/76.76. I'm not sure how you tell if ipV6 is enabled on the Linksys router.

DNS is being handled by the server and points to itself (192.168.0.253).

The working systems use static ips while the non-working ones are using DHCP. It's a small domain so maybe I should just switch to static ips.

The system I posted has a dynamic ip but I am connected remotely via TeamViewer. It does have DNS specified manually. Not sure why  it's setup like that.

FYI, I did get into the Comcast router and it seems to be setup OK(i.e., DHCP & NAT are disabled)
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555445
Arnold router hands out ips
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555447
Jim here's the server (192.168.0.253) ipconfig

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : D4-AE-52-D2-6F-42
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.253(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.253
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555450
Note that the Chrome browser works when you use it for searches. It;s just can't translate  website names to ips.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555473
Actually the client I posted earlier was indeed static so no clients are translating ips well.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555493
I disabled IPv6 firewall on Comcast router. Not sure if that does anything for me.

A 2nd client is working now.  I assumed it would not since malware Bytes removed 600 "non-malware" items. Tracert still fails to run on this client but maybe that's by design.

I'll check other clients to see if problem is getting better.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : A4-1F-72-61-3A-19
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:e:1301:e7f0:7ded:46bb:fd59:17be(Pref
erred)
   Temporary IPv6 Address. . . . . . : 2601:e:1301:e7f0:153d:e5c5:975a:67ca(Pref
erred)
   Link-local IPv6 Address . . . . . : fe80::7ded:46bb:fd59:17be%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::4af8:b3ff:feb2:60d0%11
                                       192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 245636978
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-98-70-A7-A4-1F-72-61-3A-19

   DNS Servers . . . . . . . . . . . : 2601:e:1301:e7f0:4af8:b3ff:feb2:60d0
                                       192.168.0.253
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 29

Author Comment

by:Randy Downs
ID: 40555538
I am back to chasing DNS. The clients are at best flaky. I can get to Google search or even the websites if I search 1st on one of the clients. Is there a way to test DNS on the server?

arnold - how do I tell if root servers are listed in DNS? I see root hints pointing to some obscure local ip (192.168.148.17). Not sure how that got there & it doesn't ping.

I see occasional warnings in the DNS global logs.

The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555556
I restarted DNS server and things seem to be better. Also used CCleaner on troublesome client. Will wait for customer to evaluate network on Monday.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555769
In DNS zones, make sure you do not have a . zone.
But it seems that you've already adjusted to make sure your root hints section is populated with root servers.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555778
According to your IPconfig all IPs are set manually versus being assigned by a router or a windows DHCP server.
DHCP enabled: no and there is no reference to the DHCP.

which system has 192.168.0.253?
The only one that should have a static IP is the server. All others, should get their IP/DNS settings assigned via DHCP.

This way you have to change the DHCP scope options to push a different DNS server or an additional.

If you are not in an AD environment, you can have the comcast router assign both IP and DNS servers.

The router might also be configurable to set the clients to query the .253 as the DNS server.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555798
I don't see DNS zones in DNS manager. Forward Lookup Zones are mostly blank other than sub-directories. The only records I see are for the domain server (192.168.0.253). Nothing in Reverse Lookup Zones or Conditional Forwarders.

I finally came to realization that the client machines were static ips. I think I did this the last time I had issues with this network. It is an AD environment and I guess I am not using DHCP but it is running on the domain router (192.168.0.1). Comcast router is pass through (10.1.10.1)

Things seem to be working better after restarting the DNS service. I suspect removing the forwarder for the old server was the fix & a restart got it going.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555809
You should have your AD DC server configured also to have DHCP configured with the scope and a scope option to allocate the DNS server(name server) While disable the DHCP portion on the router.
Also default route to the LAN IP of the router.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555827
We had issues with the DHCP on the server so stopped the service.

I turned off router DHCP & authorized/enabled on server. Maybe it will work now that DNS is back on track. Should I run both ipV6 & ipv4? It's a small network
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555829
The DHCP scope options were  pointing to the old server. Maybe that's why we shied away from using DHCP here. So far, I haven't connected to a DHCP client so can't confirm it's working but the server 192.168.0.253 & the gateway router 192.168.0.1 are correct. The router does list 0.0.0.0 which seems strange.

I do have this warning so I guess I need to set some credentials for DHCP.

The DHCP service has detected that it is running on a DC and has no credentials configured for use with Dynamic DNS registrations initiated by the DHCP service.   This is not a recommended security configuration.  Credentials for Dynamic DNS registrations may be configured using the command line "netsh dhcp server set dnscredentials" or via the DHCP Administrative tool.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555830
it is up to you. I currently run IPv4 only, though do not disalbe the ipv6 protocol on the server.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555832
run the netsh, this will let DHCP register the hostnames/ipaddresses it allocates rather than wait for the client issue the dns update when an IP is assigned. (look under advanced options for tcp/ip properties)
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555841
Got it. Thanks for your help. It will be Monday before the network gets a live test.

netsh dhcp server>set dnscredentials XXXX XXX XXXX

Command completed successfully.
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555844
though make sure the default router in scope options point to the 192.168.0.1 LAN IP or router.

003 router
006 DNS  server/s
015 domain name

There are other options you can push to the clients, NTP server, Time servers, advertise SMTP servers.

etc.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555868
Those 3 are setup but the router shows 192.168.0.1, 0.0.0.0 but when you open properties only the 192.168.0.1 router shows. Not sure I have seen that before.

Also the domain doesn't exactly match AD. The domain in AD (Active Directory Users & Computers) shows: corp.domain.com

003 router 192.168.0.1, 0.0.0.0
006 DNS  servers 192.168.0.253
015 domain name domain (doesn't list subdomain - hope that's OK)
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555874
you should remove the 0.0.0.0 from route, I think that will confuse the routing table.

domain is fine, i suspect in your context, i think subdomains are actually hostnames.
i.e. mydomain.com
computer1.mydomin.com is a hostname not a subomain.

if you have HQ and branches organized as mydomain.com brancha.mydomain.com then those will be subdomains and you might want to add the subdomain, brancha.mydomain.com into this list at the branchA dhcp scope.
look within the options, I think there is a search domain option as well.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555878
The router showed 0.0.0.0 in the Scope Options window but not properties. I removed & added it back so now the 0.0.0.0 is gone.

This network is not connected to a WAN but users logon to corp rather than the domain. The DHCP server name is actually server.corp.domain.com
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555882
Do you have VPN where the 2008 server terminates the VPN such that the local workstations encrypt/vpn through the 2008 to other side VPN.

Is there an active workstation on to which you can RDP to alter/confirm their network setting. change to DHCP, and then locate the IP via the DHCP interface to see what happens? preferably one that .......
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555884
Yes I can connect from my home to client PCs via VPN. i could also make the changes via TeamViewer but it 's a good idea to check VPN too
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555886
My only problem with VPN & a new ip is that it won't let me connect remotely using the computer name. That's why I have static ips on most of these clients. Still I can get the ip via Teamviewer.
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555888
DHCP seems to work. I masked the domain as DOMAIN

C:\Users\bjohnson.CORP>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Vostro-Bema
   Primary Dns Suffix  . . . . . . . : corp.DOMAIN.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : corp.DOMAIN.com
                                   DOMAIN




Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : DOMAIN
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : A4-1F-72-61-3A-19
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:e:1301:e7f0:7ded:46bb:fd59:17be(Pref
erred)
   Temporary IPv6 Address. . . . . . : 2601:e:1301:e7f0:e133:6786:1287:edba(Pref
erred)
   Link-local IPv6 Address . . . . . : fe80::7ded:46bb:fd59:17be%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.50(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, January 18, 2015 12:18:54 AM
   Lease Expires . . . . . . . . . . : Monday, January 26, 2015 12:18:54 AM
   Default Gateway . . . . . . . . . : fe80::4af8:b3ff:feb2:60d0%11
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.253
   DHCPv6 IAID . . . . . . . . . . . : 245636978
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-98-70-A7-A4-1F-72-61-3A-19

   DNS Servers . . . . . . . . . . . : 2601:e:1301:e7f0:4af8:b3ff:feb2:60d0
                                       192.168.0.253
   NetBIOS over Tcpip. . . . . . . . : Enabled
0
 
LVL 76

Assisted Solution

by:arnold
arnold earned 405 total points
ID: 40555891
if the local DNS forward/AD is corp.domain.com this is what you should have in 015 domain.

This so the local host register in the local DNS zone rather than try to send their registration to the main DC/DNS server.
the above suggestion depends on your AD forest setup/delegation if any.
i.e. main HQ is domain.com
not sure how corp is .......

look at the forward zones on the local DC.

glad this seems to resolve ....
0
 
LVL 29

Author Comment

by:Randy Downs
ID: 40555900
I changed the DHCP domain to match forward zone  on DC.  I restarted DHCP for good measure.

This is a single server domain.

The client I switched to DHCP had other issues but CCleaner & a reboot resolved those.  Seems to work from here. the final test is Monday when the customer tries his network.

Thanks again for so much information.
0
 
LVL 29

Author Closing Comment

by:Randy Downs
ID: 40558130
Thanks for all the great assistance I received on this post. The fix for DNS was removing the forwarder but it didn't kick in until  I restarted the service. A special thanks to Arnold for helping get DHCP sorted out too..
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now