DReplication stops after office move

We have the following scenario:
SBS Server (Main Server) to DR Server (remote Site) DFS working ok
Client moved Office with the Main server (New public IP on Virgin Broadband)
Firewall disabled on Virgin Router
Client has Cisco HW firewall in place
After the move the setup is
Virgin router  Netgear 4 port Switch        Cisco Firewall (Data/Mail)
We now have the issue that, after the servers are rebooted, DFS works fine for 25 mins, then it drops the DFS namespace from the DR Server.
DFS then only works in one direction,
DR Server  Main SBS server ,
Ping works in both directions, by IP & name.

Assist-Netopa (Author) Commented:
As an additional note we are getting:

ActiveDirectory_DomainService 1865
ActiveDirectory_Domain_Service 1311
ActiveDirectory_Domain_Service 1566

But also in the Sites and Services MMC we have a Conflict site with the GUID
Assist-Netopa (Author) Commented:
We have removed the CNF entry from Sites and Services on both sites; the problem persists.

From troubleshooting AD the issue appears to be with AD port traffic not getting through in one direction. From research this may be to do with MTU sizes and the traffic being dropped between the sites. I can't get 389, 3268 or 135 to connect when using portqry.

If I ping the problem DC with ping problemDC -f -l 1392 it responds but it fails with a data size any higher than that.

On another system which works the data size can be as high as 1406.
Assist-Netopa (Author) Commented:
I have modified the LAN interface on the server where the packets are sent from but not received by the partner DC, by following this article:


The problem is the MTU size before fragmentation seems to be dropping lower on a daily basis: on the 9th it was 1392, yesterday when I made this change it was 1358 and today it is 1330?

AD Replication is currently working in both directions but DFS still has some RPC issues which results in intermittent DFS connectivity.

Why would the pingable packet size be dropping between the sites? Surely if the issue was a black hole router the configured status would be static, unless it keeps using a different route to the site? Yet because it is over an IPsec VPN tunnel I can't use tracert to see any difference.
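The manual `ping -f -l` and portqry checks described in the comments above can be scripted and logged so the day-to-day drift in maximum packet size is recorded. This is an added example, not part of the original thread; `problemDC` is the placeholder host name from the post, and the log path, timeouts and function names are assumptions.

```powershell
# Added example (not from the thread). Finds the largest ICMP payload that
# passes with Don't Fragment set, tests the AD ports, and appends one CSV row.
$Target  = 'problemDC'                    # placeholder host name used in the post
$Ports   = 135, 389, 3268                 # ports the post checked with portqry
$LogPath = Join-Path $env:TEMP 'pmtu-log.csv'   # assumed log location
$Ping    = New-Object System.Net.NetworkInformation.Ping

function Test-DfPing([string]$HostName, [int]$Size) {
    # TTL 64, DontFragment = $true (same effect as ping -f -l <Size>)
    $opts = New-Object System.Net.NetworkInformation.PingOptions(64, $true)
    $buf  = New-Object byte[] $Size
    foreach ($attempt in 1..3) {          # retry so one lost packet is not read as an MTU limit
        try {
            if ($Ping.Send($HostName, 2000, $buf, $opts).Status -eq 'Success') { return $true }
        } catch { }
    }
    return $false
}

function Get-MaxDfPayload([string]$HostName, [int]$Low = 32, [int]$High = 1472) {
    if (-not (Test-DfPing $HostName $Low)) { return -1 }   # unreachable even with a small packet
    while ($Low -lt $High) {              # binary search; 1472 assumes a 1500-byte local MTU
        $mid = [int][math]::Ceiling(($Low + $High) / 2)
        if (Test-DfPing $HostName $mid) { $Low = $mid } else { $High = $mid - 1 }
    }
    return $Low
}

function Test-TcpPort([string]$HostName, [int]$Port, [int]$TimeoutMs = 3000) {
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $ar = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $ar.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($ar)
        return $true
    } catch { return $false } finally { $client.Close() }
}

$payload     = Get-MaxDfPayload $Target
$portResults = foreach ($p in $Ports) { '{0}={1}' -f $p, (Test-TcpPort $Target $p) }
# IPv4 path MTU = ICMP payload + 20-byte IP header + 8-byte ICMP header
$mtu  = if ($payload -ge 0) { $payload + 28 } else { -1 }
$line = '{0},{1},{2},{3},{4}' -f (Get-Date -Format s), $Target, $payload, $mtu, ($portResults -join ';')
Add-Content -Path $LogPath -Value $line
$line
```

A successful TCP connect only proves small packets pass; larger LDAP or RPC responses can still be dropped if the path MTU is below what the hosts assume, so compare the logged payload size against the ports column over several days.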

Assist-Netopa (Author) Commented:
System is working after self-found MTU guidance.