Solved

Re-Subnetting Caused Server Slowdown

Posted on 2016-08-28
37
58 Views
Last Modified: 2016-09-06
Do to a Comcast issue I had to re-subnet a network from 192.168.0.0/24 to 10.1.10.0/24. Small network. 20 workstations all Windows 7 Professional. Server is 2012 R2 Standard.

For some reason is has brought the network to its knees. The server appears to be running slow but I can't find it. Task manager shows no CPU or Memory usage. No disk activity. Yet documents (Word, Excel) are opening and saving painfully slow. Red Xs on network drives. Just general slowness.

Can't find the problem. Any ideas?
0
Comment
Question by:LockDown32
  • 11
  • 10
  • 8
  • +5
37 Comments
 
LVL 1

Accepted Solution

by:
Nico S earned 85 total points
Comment Utility
can you check the DNS settings.
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
That was my first though. The DNS looks fine unless you have any specifics you want me to look at....
0
 
LVL 78

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 83 total points
Comment Utility
Check your switch configurations.
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
Nothing trick with the switches. No routing or anything else. They are web managed and just have one IP setting. They are, however, dated. It would just seem odd that they would go south at the exact same time. Attched is a screen shot of the Resource Monitor. Nothing really odd about it is there?
Capture.PNG
0
 
LVL 37

Expert Comment

by:Neil Russell
Comment Utility
"Red Xs on network drives"
Almost certainly you have stale records for mapped drives pointing at the old IP addresses.
Have you tried deleting the network drive mappings and recreating them.
0
 
LVL 90

Assisted Solution

by:John Hurst
John Hurst earned 83 total points
Comment Utility
Can you restart the server? Maybe you already did.

Take one computer and run TCP/IP Reset.

Open cmd.exe with Run as Administrator
Then  netsh int ip reset c:\resetlog.txt
Also, ipconfig /flushdns followed by net stop dnscache followed by net start dnscache
Then restart the computer

See if the one computer responds better.
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
Also (reflecting on one client issue years ago), did the person before you install a Proxy Server?
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
Server has been rebooted several times. Drive mapping are always delete and remapped from ground zero at logon. Some lady came in yesterday and noticed that her workstation had red Xs. Rebooting fixed the problem. There were three other workstation that were on. All 3 had red Xs through the drive letters.

I rebooted one, opened my computer and there was nothing but a C: drive. Then, slowly, they 8 drive mappings appeared but you could see them show up. One at a time. All green and accessible but I had time to log in and open my computer. Then they started showing up. Slow motion. I
rebooted the other three and the same thing happened. People have complained about slow speed opening and closing Word and Excel docs. Just odd. Nothing points to anything.

No proxy server. I can't reset the IP stack because I am doing this remotely.
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
What about my other 2 suggestions ?
0
 
LVL 1

Assisted Solution

by:saumik belel
saumik belel earned 83 total points
Comment Utility
--Run the chkdsk cmd - check for errors or bad sectors.
--Run a DNS test - Dcdiag /test:dns, In DNS manager check your forwarders tab, if any unwanted IP address or not reachable IP address. Check your reverse lookup zone.  
-- Make sure old ip address are removed from DNS & Nic card. Dns server is listening to correct ip address (https://technet.microsoft.com/en-us/library/cc755068(v=ws.11).aspx)
--Check for active directory errors - dcdiag /q
--Important - Check event viwer system, application, DNS, Directory services logs for errors, warning & critical events.
--Check in task scheduler if any scheduled task is running at background. Also check your scheduled backup.
--Apart from subnetting any other recent changes or installed application. Also check your antivirus software, make sure it is up-to-date & run a --Full scan on your server.

--Finding the Bottleneck
Monitor the server when it's slow. You should be able to see where the bottleneck is: CPU, memory, disk, or network. Knowing this from the start will make it easier to find a solution, and you'll waste less time chasing bottlenecks that aren't there. For a closer look, you can use the Windows Performance Monitor.

Hope this helps.
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
Just out of curiosity ,why would you need to change the subnet?
Comcast is basically using a router to NAT out your subnet which Comcast should have nothing to do with.(unless your using Comcasts brouter as your DHCP/gateway/router).
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
I couldn't reset the IP stack John because I am remote. I thought your second recommendation was to reboot the server. That has been done. Several times.

Chkdsk yielded no errors. dcdiag /test:dns yielded to errors. Forwarders resolve and are fine. Deleted the old reverse lookup and created the new one right off the bat and it is populating. DNS is listening on 3 IPv6 addresses and one IPv4 (the server). Dcdiag /q simply pointed out two errors in the system log about DCOM not being able to communicate with the two Comcast forwarders. Event logs are clean with the exception of those two errors. The screen shot of the resource monitor was attached several posts back and since no one questioned it the server looks find but .....

The old Comcast router was set at a LAN IP or 192.168.0.2 and everything was working fine. They increased the speed and when they did that they had to replace the router. They could not set the LAN IP address of the new router to 192.168.0.2. That blew my mind but none the less they couldn't. So I had to re-subnet around their router at 10.1.10.1

Never seen anything like it. I didn't think it would be that big of a deal since 95% of their equipment was using DHCP but it did something to the server. The only other thing I can think is that the switches took a hit at the exact same time. I suppose stranger things have happened but wow. What are the odds?
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
Switches are not usually a lot of money, so try one.

Call them and walk one person on only one computer through the TCP/IP Reset / DNS Flush. Has to be worth a try.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
I always have a router between my network and my isp box.. can you not set the comcast box as bridged instead of NAT?
0
 
LVL 30

Assisted Solution

by:pgm554
pgm554 earned 83 total points
Comment Utility
Same here,but as a wondered aloud why would he have to change his IP addressing scheme if he was.

I know you can use the SMC gateway to do most of what a 3rd party router does.

http://businesshelp.comcast.com/help-and-support/internet/using-a-static-ip/
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
Other options were/are available sure. I could always bridge the Comcast router and put one of my own on. They pretty much did it at the spur of the moment and re-subneting shouldn't have been this problematic. It wasn't a SMC Gateway. It was one of their newer "Business Class" gateways. I am still absolutely shocked that I couldn't set its LAN IP address where ever I wanted it but hey. It's Comcast. Anyone who has ever dealt with Comcast would understand :)
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
I understand what you are saying but we have changed subnets before (not often) without breaking anything. Vanilla workstations can do that

Is there any way to test one workstation even though not on site.

Since you have ruled out everything at the server, I am not sure what else it could be other than workstation
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
As stated the reason I didn't object too strenuously when the need arose is because it should be easy to do. Especially on such a small network. Don't know what to tell you. I guess sometimes things do work as anticipated. Imaging that :) I'll walk someone through the netsh procedure tomorrow....
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 30

Expert Comment

by:pgm554
Comment Utility
So you have no router other than the Comcast gateway?
0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 83 total points
Comment Utility
I suspect stale records, too. WINS. Hosts or whatever, and something working only after TCP/IP timeout for the old address. nbtstat -n, ntbstat -c, ipconfig /displaydns[/b] can be checked on a client PC - the server should be visible with the correct IP.

For a test, you can put the old address back in addition to the server, optionally to one client PC. If that speeds up things, it is indeed IP address related.

After checking for a local hosts file, DNS and WINS the next step in my environment would be to use network capturing software like Microsoft NetMon or WireShark, and perform a typically slow action. But analysis can get cumbersome.
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
This just keeps getting weirder. From one of the workstations I tried a NSLookup. It said the default server is cdns01.comcast.net

Shouldn't it be the Windows Server?
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
It said the default server is cdns01.comcast.net <-- Did you ever try a TCP/IP Reset. DNS Flush on a workstation?  I know you are remote.
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
Yes. It didn't do anything. I did a flush and register on both the server and workstation. I also tried re-joining the domain on a workstation and it wouldn't let me. Said it couldn't find the DNS server.
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
So then workstations are OK and it looks like DNS on the server needs to be fixed.
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
Here is a DNS article that is not too far different from the consultants we used to set up our server 2012. Please see if that helps.

http://www.tomsitpro.com/articles/configure-dns-windows-server-2012,2-793.html
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
Are you getting dhcp from the Comcast router?
If so ,what is your dns server?
It should be the file server and not any Comcast dns servers.

From a command prompt do an ipconfig /all and post results.
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
Further developments. If I disable IPV6 on the workstation the NSLookup returns the server and I can rejoin the domain. If I enable IPV6 NSLookup return the DNS server as being a comcast dns server and I cannot re-join the domain.

What I did find is that Comcast left the V6 DHCP running on their router. I guess I wasn't explicit enough. They disabled the V4 DHCP Server but not the V6. So I disabled the IPV6 DHCP Server.

So what it really boils down to is "do I leave IPV6 enabled on the sever and workstations" even though there is no V6 DHCP any more. Microsoft doesn't recommend disabling V6 but wow. With oddities like this I am not so sure.
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
I don't know what has happened in your system.

Disabling IPv6 is generally a bad idea, but if that it all that works, consider it.

Why is Comcast tied up in your workstations? That seems like a Server issue.
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
My advice to you is to get a good business class router and bypass all the Comcast com gear.

I have several Comcast Business class sites with static IP's and do not use any of their equipment for dhcp or dns on my servers.

I use it as a bridge and that's it.

If I have an issues ,it's easier for me to trouble shoot .
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
I know what happened. Until Comcasts new router showed up there was no IPV6 DHCP so everything was IPV4 based. Then Comcast shows up with their IPV6 DHCP Server and all of a sudden everything has a IPV6 address but it is dead wrong.

My understanding is that Windows will look at a IPV6 address before it will look at the IPV4 address. So everything was looking at the IPV6 address which was not set up properly.

Microsoft does not recommend disabling IPV6. I suppose things will be back to normal when the IPV6 Lease expires but wow, what a mess. @pgm544 I agree. I asked the installers if they couldn't just supply a modem. They said no but could turn this one in to a bridge. I guess that is as good as it gets. I would have done this from the start but had no notification from my customer. My first clue was a phone call "Hey. Comcast is here and nothing is working" :)
0
 
LVL 90

Expert Comment

by:John Hurst
Comment Utility
My understanding is that Windows will look at a IPV6 address before it will look at the IPV4 address  Yes it will and it has been that way for a while.
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
Well ,that's the reason I was asking if Comcast gear was all there was.
Having worked with them in the past ,it's the first place you look if they are supplying your dns/dhcp.

I have them turn off their dhcp and open all their ports.
I use a good router/firewall to do everything else.

Granted I have static ips,but the principal is the same.
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
Indeed, I see nobody (including me) suggested to look at ipconfig /all, which is one of the first things to check. It would have revealed the IPv6 DHCP immediately ...
0
 
LVL 15

Author Comment

by:LockDown32
Comment Utility
I told Comcast to disable DHCP. They did on IPV4 but probably wasn't even aware there was an IPV6. I should have noticed it earlier but didn't.
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
> I see nobody (including me) suggested to look at ipconfig /all,

Yeah ,I kinda did.
0
 
LVL 68

Expert Comment

by:Qlemo
Comment Utility
You did in #a41779038 - maybe too late and not prominent enough :D.
0
 
LVL 30

Expert Comment

by:pgm554
Comment Utility
Actually ,I'm a bit surprised it worked with the old IP subnet if Comcast was supplying the dns as default.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
Resolve DNS query failed errors for Exchange
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now