• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 78
  • Last Modified:

Re-Subnetting Caused Server Slowdown

Do to a Comcast issue I had to re-subnet a network from 192.168.0.0/24 to 10.1.10.0/24. Small network. 20 workstations all Windows 7 Professional. Server is 2012 R2 Standard.

For some reason is has brought the network to its knees. The server appears to be running slow but I can't find it. Task manager shows no CPU or Memory usage. No disk activity. Yet documents (Word, Excel) are opening and saving painfully slow. Red Xs on network drives. Just general slowness.

Can't find the problem. Any ideas?
0
LockDown32
Asked:
LockDown32
  • 11
  • 10
  • 8
  • +5
6 Solutions
 
Nico SCommented:
can you check the DNS settings.
0
 
LockDown32OwnerAuthor Commented:
That was my first though. The DNS looks fine unless you have any specifics you want me to look at....
0
 
David Johnson, CD, MVPOwnerCommented:
Check your switch configurations.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LockDown32OwnerAuthor Commented:
Nothing trick with the switches. No routing or anything else. They are web managed and just have one IP setting. They are, however, dated. It would just seem odd that they would go south at the exact same time. Attched is a screen shot of the Resource Monitor. Nothing really odd about it is there?
Capture.PNG
0
 
Neil RussellTechnical Development LeadCommented:
"Red Xs on network drives"
Almost certainly you have stale records for mapped drives pointing at the old IP addresses.
Have you tried deleting the network drive mappings and recreating them.
0
 
John HurstBusiness Consultant (Owner)Commented:
Can you restart the server? Maybe you already did.

Take one computer and run TCP/IP Reset.

Open cmd.exe with Run as Administrator
Then  netsh int ip reset c:\resetlog.txt
Also, ipconfig /flushdns followed by net stop dnscache followed by net start dnscache
Then restart the computer

See if the one computer responds better.
0
 
John HurstBusiness Consultant (Owner)Commented:
Also (reflecting on one client issue years ago), did the person before you install a Proxy Server?
0
 
LockDown32OwnerAuthor Commented:
Server has been rebooted several times. Drive mapping are always delete and remapped from ground zero at logon. Some lady came in yesterday and noticed that her workstation had red Xs. Rebooting fixed the problem. There were three other workstation that were on. All 3 had red Xs through the drive letters.

I rebooted one, opened my computer and there was nothing but a C: drive. Then, slowly, they 8 drive mappings appeared but you could see them show up. One at a time. All green and accessible but I had time to log in and open my computer. Then they started showing up. Slow motion. I
rebooted the other three and the same thing happened. People have complained about slow speed opening and closing Word and Excel docs. Just odd. Nothing points to anything.

No proxy server. I can't reset the IP stack because I am doing this remotely.
0
 
John HurstBusiness Consultant (Owner)Commented:
What about my other 2 suggestions ?
0
 
saumik belelCommented:
--Run the chkdsk cmd - check for errors or bad sectors.
--Run a DNS test - Dcdiag /test:dns, In DNS manager check your forwarders tab, if any unwanted IP address or not reachable IP address. Check your reverse lookup zone.  
-- Make sure old ip address are removed from DNS & Nic card. Dns server is listening to correct ip address (https://technet.microsoft.com/en-us/library/cc755068(v=ws.11).aspx)
--Check for active directory errors - dcdiag /q
--Important - Check event viwer system, application, DNS, Directory services logs for errors, warning & critical events.
--Check in task scheduler if any scheduled task is running at background. Also check your scheduled backup.
--Apart from subnetting any other recent changes or installed application. Also check your antivirus software, make sure it is up-to-date & run a --Full scan on your server.

--Finding the Bottleneck
Monitor the server when it's slow. You should be able to see where the bottleneck is: CPU, memory, disk, or network. Knowing this from the start will make it easier to find a solution, and you'll waste less time chasing bottlenecks that aren't there. For a closer look, you can use the Windows Performance Monitor.

Hope this helps.
0
 
pgm554Commented:
Just out of curiosity ,why would you need to change the subnet?
Comcast is basically using a router to NAT out your subnet which Comcast should have nothing to do with.(unless your using Comcasts brouter as your DHCP/gateway/router).
0
 
LockDown32OwnerAuthor Commented:
I couldn't reset the IP stack John because I am remote. I thought your second recommendation was to reboot the server. That has been done. Several times.

Chkdsk yielded no errors. dcdiag /test:dns yielded to errors. Forwarders resolve and are fine. Deleted the old reverse lookup and created the new one right off the bat and it is populating. DNS is listening on 3 IPv6 addresses and one IPv4 (the server). Dcdiag /q simply pointed out two errors in the system log about DCOM not being able to communicate with the two Comcast forwarders. Event logs are clean with the exception of those two errors. The screen shot of the resource monitor was attached several posts back and since no one questioned it the server looks find but .....

The old Comcast router was set at a LAN IP or 192.168.0.2 and everything was working fine. They increased the speed and when they did that they had to replace the router. They could not set the LAN IP address of the new router to 192.168.0.2. That blew my mind but none the less they couldn't. So I had to re-subnet around their router at 10.1.10.1

Never seen anything like it. I didn't think it would be that big of a deal since 95% of their equipment was using DHCP but it did something to the server. The only other thing I can think is that the switches took a hit at the exact same time. I suppose stranger things have happened but wow. What are the odds?
0
 
John HurstBusiness Consultant (Owner)Commented:
Switches are not usually a lot of money, so try one.

Call them and walk one person on only one computer through the TCP/IP Reset / DNS Flush. Has to be worth a try.
0
 
David Johnson, CD, MVPOwnerCommented:
I always have a router between my network and my isp box.. can you not set the comcast box as bridged instead of NAT?
0
 
pgm554Commented:
Same here,but as a wondered aloud why would he have to change his IP addressing scheme if he was.

I know you can use the SMC gateway to do most of what a 3rd party router does.

http://businesshelp.comcast.com/help-and-support/internet/using-a-static-ip/
0
 
LockDown32OwnerAuthor Commented:
Other options were/are available sure. I could always bridge the Comcast router and put one of my own on. They pretty much did it at the spur of the moment and re-subneting shouldn't have been this problematic. It wasn't a SMC Gateway. It was one of their newer "Business Class" gateways. I am still absolutely shocked that I couldn't set its LAN IP address where ever I wanted it but hey. It's Comcast. Anyone who has ever dealt with Comcast would understand :)
0
 
John HurstBusiness Consultant (Owner)Commented:
I understand what you are saying but we have changed subnets before (not often) without breaking anything. Vanilla workstations can do that

Is there any way to test one workstation even though not on site.

Since you have ruled out everything at the server, I am not sure what else it could be other than workstation
0
 
LockDown32OwnerAuthor Commented:
As stated the reason I didn't object too strenuously when the need arose is because it should be easy to do. Especially on such a small network. Don't know what to tell you. I guess sometimes things do work as anticipated. Imaging that :) I'll walk someone through the netsh procedure tomorrow....
0
 
pgm554Commented:
So you have no router other than the Comcast gateway?
0
 
QlemoC++ DeveloperCommented:
I suspect stale records, too. WINS. Hosts or whatever, and something working only after TCP/IP timeout for the old address. nbtstat -n, ntbstat -c, ipconfig /displaydns[/b] can be checked on a client PC - the server should be visible with the correct IP.

For a test, you can put the old address back in addition to the server, optionally to one client PC. If that speeds up things, it is indeed IP address related.

After checking for a local hosts file, DNS and WINS the next step in my environment would be to use network capturing software like Microsoft NetMon or WireShark, and perform a typically slow action. But analysis can get cumbersome.
0
 
LockDown32OwnerAuthor Commented:
This just keeps getting weirder. From one of the workstations I tried a NSLookup. It said the default server is cdns01.comcast.net

Shouldn't it be the Windows Server?
0
 
John HurstBusiness Consultant (Owner)Commented:
It said the default server is cdns01.comcast.net <-- Did you ever try a TCP/IP Reset. DNS Flush on a workstation?  I know you are remote.
0
 
LockDown32OwnerAuthor Commented:
Yes. It didn't do anything. I did a flush and register on both the server and workstation. I also tried re-joining the domain on a workstation and it wouldn't let me. Said it couldn't find the DNS server.
0
 
John HurstBusiness Consultant (Owner)Commented:
So then workstations are OK and it looks like DNS on the server needs to be fixed.
0
 
John HurstBusiness Consultant (Owner)Commented:
Here is a DNS article that is not too far different from the consultants we used to set up our server 2012. Please see if that helps.

http://www.tomsitpro.com/articles/configure-dns-windows-server-2012,2-793.html
0
 
pgm554Commented:
Are you getting dhcp from the Comcast router?
If so ,what is your dns server?
It should be the file server and not any Comcast dns servers.

From a command prompt do an ipconfig /all and post results.
0
 
LockDown32OwnerAuthor Commented:
Further developments. If I disable IPV6 on the workstation the NSLookup returns the server and I can rejoin the domain. If I enable IPV6 NSLookup return the DNS server as being a comcast dns server and I cannot re-join the domain.

What I did find is that Comcast left the V6 DHCP running on their router. I guess I wasn't explicit enough. They disabled the V4 DHCP Server but not the V6. So I disabled the IPV6 DHCP Server.

So what it really boils down to is "do I leave IPV6 enabled on the sever and workstations" even though there is no V6 DHCP any more. Microsoft doesn't recommend disabling V6 but wow. With oddities like this I am not so sure.
0
 
John HurstBusiness Consultant (Owner)Commented:
I don't know what has happened in your system.

Disabling IPv6 is generally a bad idea, but if that it all that works, consider it.

Why is Comcast tied up in your workstations? That seems like a Server issue.
0
 
pgm554Commented:
My advice to you is to get a good business class router and bypass all the Comcast com gear.

I have several Comcast Business class sites with static IP's and do not use any of their equipment for dhcp or dns on my servers.

I use it as a bridge and that's it.

If I have an issues ,it's easier for me to trouble shoot .
0
 
LockDown32OwnerAuthor Commented:
I know what happened. Until Comcasts new router showed up there was no IPV6 DHCP so everything was IPV4 based. Then Comcast shows up with their IPV6 DHCP Server and all of a sudden everything has a IPV6 address but it is dead wrong.

My understanding is that Windows will look at a IPV6 address before it will look at the IPV4 address. So everything was looking at the IPV6 address which was not set up properly.

Microsoft does not recommend disabling IPV6. I suppose things will be back to normal when the IPV6 Lease expires but wow, what a mess. @pgm544 I agree. I asked the installers if they couldn't just supply a modem. They said no but could turn this one in to a bridge. I guess that is as good as it gets. I would have done this from the start but had no notification from my customer. My first clue was a phone call "Hey. Comcast is here and nothing is working" :)
0
 
John HurstBusiness Consultant (Owner)Commented:
My understanding is that Windows will look at a IPV6 address before it will look at the IPV4 address  Yes it will and it has been that way for a while.
0
 
pgm554Commented:
Well ,that's the reason I was asking if Comcast gear was all there was.
Having worked with them in the past ,it's the first place you look if they are supplying your dns/dhcp.

I have them turn off their dhcp and open all their ports.
I use a good router/firewall to do everything else.

Granted I have static ips,but the principal is the same.
0
 
QlemoC++ DeveloperCommented:
Indeed, I see nobody (including me) suggested to look at ipconfig /all, which is one of the first things to check. It would have revealed the IPv6 DHCP immediately ...
0
 
LockDown32OwnerAuthor Commented:
I told Comcast to disable DHCP. They did on IPV4 but probably wasn't even aware there was an IPV6. I should have noticed it earlier but didn't.
0
 
pgm554Commented:
> I see nobody (including me) suggested to look at ipconfig /all,

Yeah ,I kinda did.
0
 
QlemoC++ DeveloperCommented:
You did in #a41779038 - maybe too late and not prominent enough :D.
0
 
pgm554Commented:
Actually ,I'm a bit surprised it worked with the old IP subnet if Comcast was supplying the dns as default.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 11
  • 10
  • 8
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now