Announcement

Collapse
No announcement yet.

SBS 2003 DNS/Gateway problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SBS 2003 DNS/Gateway problem

    Hi, I have an SBS 2003 running for couple of years without any problems, last week users reported intermitent internet access.

    After spending few hours it appears that I have some weird DNS problems, which I can't seem to resolve, I hope someone here can help.

    If I disable the WAN card and re-enable it then everything works fine for 4 minutes, and after a while everything starts to work again for a while, and so on.

    The setup is as follows;

    2 nics, one connected to BT business hub with static ip

    SBS 2003 all current updates, ISA 2004 sp3 etc.

    an extract of netdiag.exe when it stops working
    Adapter : ADSL

    Netcard queries test . . . : Passed

    Host Name. . . . . . . . . : ajs-srvr1
    IP Address . . . . . . . . : x.x.x.193
    Subnet Mask. . . . . . . . : 255.255.255.248
    Default Gateway. . . . . . : x.x.x198
    NetBIOS over Tcpip . . . . : Disabled
    Dns Servers. . . . . . . . : 192.168.16.2


    AutoConfiguration results. . . . . . : Passed

    Default gateway test . . . : Failed
    No gateway reachable for this adapter.

    NetBT name test. . . . . . : Skipped
    NetBT is disabled on this interface. [Test skipped]

    WINS service test. . . . . : Skipped
    NetBT is disable on this interface. [Test skipped].


    Global results:


    Domain membership test . . . . . . : Passed


    NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
    NetBT_Tcpip_{422BCACB-3CB3-4725-BD77-4652F0411BC4}
    1 NetBt transport currently configured.


    Autonet address test . . . . . . . : Passed


    IP loopback ping test. . . . . . . : Passed


    Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.
    nslookup -d2 output

    ------------
    SendRequest(), len 43
    HEADER:
    opcode = QUERY, id = 1, rcode = NOERROR
    header flags: query, want recursion
    questions = 1, answers = 0, authority records = 0, additional = 0

    QUESTIONS:
    2.16.168.192.in-addr.arpa, type = PTR, class = IN

    ------------
    ------------
    Got answer (81 bytes):
    HEADER:
    opcode = QUERY, id = 1, rcode = NOERROR
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 1, authority records = 0, additional = 0

    QUESTIONS:
    2.16.168.192.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    -> 2.16.168.192.in-addr.arpa
    type = PTR, class = IN, dlen = 26
    name = ajs-srvr1.ajsgroup.local
    ttl = 1200 (20 mins)

    ------------
    Server: ajs-srvr1.ajsgroup.local
    Address: 192.168.16.2

    ------------
    SendRequest(), len 43
    HEADER:
    opcode = QUERY, id = 2, rcode = NOERROR
    header flags: query, want recursion
    questions = 1, answers = 0, authority records = 0, additional = 0

    QUESTIONS:
    google.com.AJSGroup.local, type = A, class = IN

    ------------
    ------------
    Got answer (114 bytes):
    HEADER:
    opcode = QUERY, id = 2, rcode = NXDOMAIN
    header flags: response, auth. answer, want recursion, recursion avail.
    questions = 1, answers = 0, authority records = 1, additional = 0

    QUESTIONS:
    google.com.AJSGroup.local, type = A, class = IN
    AUTHORITY RECORDS:
    -> ajsgroup.local
    type = SOA, class = IN, dlen = 45
    ttl = 3600 (1 hour)
    primary name server = ajs-srvr1.ajsgroup.local
    responsible mail addr = hostmaster.ajsgroup.local
    serial = 202
    refresh = 900 (15 mins)
    retry = 600 (10 mins)
    expire = 86400 (1 day)
    default TTL = 3600 (1 hour)

    ------------
    ------------
    SendRequest(), len 28
    HEADER:
    opcode = QUERY, id = 3, rcode = NOERROR
    header flags: query, want recursion
    questions = 1, answers = 0, authority records = 0, additional = 0

    QUESTIONS:
    google.com, type = A, class = IN

    ------------
    DNS request timed out.
    timeout was 2 seconds.
    timeout (2 secs)
    Any ideas? I have tried all sort of combinations and fixes but can't find out what the problem is.

  • #2
    Re: SBS 2003 DNS/Gateway problem

    Are you sure your router is still working properly?
    If you setup a constant ping from the server does it lose connection?
    If your router has a switch in the back try another port.
    They would be my first guesses.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: SBS 2003 DNS/Gateway problem

      Router seems to be working and I have tried another of the same make with same results, I have a laptop plugged into the router's port and that works fine without any problems.

      The thing that is wierd is that it stops working after 4 minutes.

      Comment


      • #4
        Re: SBS 2003 DNS/Gateway problem

        How many NICs has the server got?
        Do the ISA or event logs show anything?
        4 mins is odd I agree.

        If you can on your router, try a constant ping back to the server (assuming ISA allows) to see if it drops the connection. It could be something as simple as a dogy cable or NIC.
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: SBS 2003 DNS/Gateway problem

          there are two nics, I have replaced the cable.

          I am seeing a lot of dropped packets in the ISA log

          quite a lot FWX_E_FWE_SPOOFING_PACKET_DROPPED
          and FWX_E_TCP_NOT_SYN_PACKET_DROPPED

          I see a lot of Denied packets from the external nic to various ips with Unidentified IP Traffic.
          Last edited by mushtaq; 7th May 2008, 20:42.

          Comment


          • #6
            Re: SBS 2003 DNS/Gateway problem

            I'm at a loss really.
            Have you tried re-running the wizard just to make sure you have the right subnets for inside and outside (a bit lame but who knows).
            The drops could just be externally initiated connections trying to get in and being blocked by ISA. Spoofing means they are implying they are locally generated requests but because of the NIC setup ISA knows they are coming in on the wrong interface.
            cheers
            Andy

            Please read this before you post:


            Quis custodiet ipsos custodes?

            Comment


            • #7
              Re: SBS 2003 DNS/Gateway problem

              I have run the wizard many times, and still the same problem.

              I'm going to try Wireshark tomorrow to see what it shows, might get some clues from there.

              Comment


              • #8
                Re: SBS 2003 DNS/Gateway problem

                The old BT bricks used to be 10baseT, is your NIC set for that (assuming it is the same type)?

                If you have more than one interface available on the router I would be tempted to plug in a firewalled PC with a constant ping and then wait until the network loses access. It could help tie down the issue.
                cheers
                Andy

                Please read this before you post:


                Quis custodiet ipsos custodes?

                Comment

                Working...
                X