Late Response for internet addresses resolution!

  • Late Response for internet addresses resolution!

    Hi,

    We recently purchased a new server to replace our old Server 2003 DC (Server2k3). We installed Server 2008 R2 Enterprise Edition (Server2k8) on the new machine, then carried out all the steps to include it as a member server and make it the primary server by transferring the 5 FSMO roles as per this MS KB article. We haven't yet demoted the old DC.

    About the network configuration: Server2k8 has two network interfaces, Public (directly connected to ISP; static public IP) and Private (for local network). When we added this server as a member server to the existing domain, AD and DNS settings got replicated. Later, I manually configured Routing and Remote Access with the option of "VPN+NAT" via the wizard. For testing purposes, we shut down the old Server2k3 and updated the gateway addresses for client machines to point to the new Server2k8. We also ran "ipconfig /flushdns" to clear the DNS cache. For testing purposes, we also verified interconnections using the nslookup command.

    Now after this configuration, we have noticed some kind of initial lag of a few seconds when browsing the internet. The lag seems to be with the web address name resolution. Is this normal or am I just being paranoid? Also, when I run "ping www.yahoo.com", I get the first response as "Request timed out", then from the second query onwards I start getting replies.

    I have a feeling that something is still wrong with my settings, but I'm not sure where to look: DNS or NAT?

    Below are my network interface addresses and DNS settings:

    Serverk8 Public Interface
    IP: <ISP Provided>
    Subnet: <ISP Provided>
    Gateway: <ISP Provided>
    DNS1: <ISP Provided>
    DNS2: <ISP Provided>

    Serverk8 Private Interface
    IP: 192.168.0.253
    Subnet: 255.255.255.0
    Gateway: (this is other problem, I cannot set gateway to 192.168.0.253)
    DNS1: 192.168.0.253

    Serverk8 DNS Server Settings
    Interfaces Tab:
    Listen On: Only the following IP addresses (192.168.0.253)

    Forwarders tab:
    ISP given DNS1 and DNS2 (from Public interface).
    Use root hints if no forwarders are available: Checked

    Advanced tab:
    Enable round robin: Checked
    Enable netmask ordering: Checked
    Secure cache against pollution: Checked
    Rest all unchecked

    From RRAS, I am not sure what details to provide. Please let me know if any more details are required to find the problem source.

    Appreciate your help on this.

    Thanks and Regards,
    Last edited by biggles77; 6th June 2010, 04:19. Reason: Fix smilie issue

  • #2
    Re: Late Response for internet addresses resolution!

    I'm not at work so don't have any of my references, but I'm sure you cannot have more than 1 gateway on a computer.

    Secondly, how are the routes set up? Something tells me that this might help.

    Can you post the results of a route print command?
    A recent poll suggests that 6 out of 7 dwarfs are not happy


    • #3
      Re: Late Response for internet addresses resolution!

      Run tracert to get a better picture of where the delay is.
      ** Remember to give credit where credit is due and leave reputation points where appropriate **


      • #4
        Re: Late Response for internet addresses resolution!

        Thanks for the responses. Below is the output for Route and Tracert commands.

        route print output:
        Code:
        C:\Users\admin>route print
        ===========================================================================
        Interface List
         22...........................RAS (Dial In) Interface
         12...00 25 64 fa eb 3f ......Broadcom BCM5709C NetXtreme II GigE (NDIS VBD Client) #2
         11...00 25 64 fa eb 3d ......Broadcom BCM5709C NetXtreme II GigE (NDIS VBD Client)
          1...........................Software Loopback Interface 1
        ===========================================================================
        
        IPv4 Route Table
        ===========================================================================
        Active Routes:
        Network Destination        Netmask          Gateway       Interface  Metric
                  0.0.0.0          0.0.0.0    68.xxx.xx.249    68.xxx.xx.252    276
                  0.0.0.0          0.0.0.0         On-link     192.168.0.253    266
            68.xxx.xx.248  255.255.255.248         On-link     68.xxx.xx.252    276
            68.xxx.xx.252  255.255.255.255         On-link     68.xxx.xx.252    276
            68.xxx.xx.255  255.255.255.255         On-link     68.xxx.xx.252    276
                127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
                127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
          127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
              192.168.0.0    255.255.255.0         On-link     192.168.0.253    266
            192.168.0.201  255.255.255.255         On-link     192.168.0.201    291
            192.168.0.207  255.255.255.255    192.168.0.207    192.168.0.201     36
            192.168.0.253  255.255.255.255         On-link     192.168.0.253    266
            192.168.0.255  255.255.255.255         On-link     192.168.0.253    266
                224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
                224.0.0.0        240.0.0.0         On-link     68.xxx.xx.252    276
                224.0.0.0        240.0.0.0         On-link     192.168.0.253    266
                224.0.0.0        240.0.0.0         On-link     192.168.0.201    291
          255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          255.255.255.255  255.255.255.255         On-link     68.xxx.xx.252    276
          255.255.255.255  255.255.255.255         On-link     192.168.0.253    266
          255.255.255.255  255.255.255.255         On-link     192.168.0.201    291
        ===========================================================================
        Persistent Routes:
          Network Address          Netmask  Gateway Address  Metric
                  0.0.0.0          0.0.0.0    68.xxx.xx.249  Default
                  0.0.0.0          0.0.0.0    192.168.0.253  Default
        ===========================================================================
        
        IPv6 Route Table
        ===========================================================================
        Active Routes:
         If Metric Network Destination      Gateway
          1    306 ::1/128                  On-link
          1    306 ff00::/8                 On-link
        ===========================================================================
        Persistent Routes:
          None

        tracert output:
        Code:
        C:\Users\admin>tracert www.yahoo.com
        
        Tracing route to any-fp.wa1.b.yahoo.com [69.147.125.65]
        over a maximum of 30 hops:
        
          1  SERVER2K8.somedomain.com [192.168.0.253]  reports: Destination host unreachable.
        
        Trace complete.
        
        C:\Users\admin>tracert www.yahoo.com
        
        Tracing route to any-fp.wa1.b.yahoo.com [209.191.122.70]
        over a maximum of 30 hops:
        
          1  SERVER2K8.somedomain.com [192.168.0.253]  reports: Destination host unreachable.
        
        Trace complete.
        
        C:\Users\admin>tracert www.yahoo.com
        
        Tracing route to any-fp.wa1.b.yahoo.com [67.195.160.76]
        over a maximum of 30 hops:
        
          1  SERVER2K8.somedomain.com [192.168.0.253]  reports: Destination host unreachable.
        
        Trace complete.


        • #5
          Re: Late Response for internet addresses resolution!

          Originally posted by g_srinivas:
          Hi,

          Serverk8 Public Interface
          IP: <ISP Provided>
          Subnet: <ISP Provided>
          Gateway: <ISP Provided>
          DNS1: <ISP Provided>
          DNS2: <ISP Provided>

          This is all excellent, and as it should be.

          Serverk8 Private Interface
          IP: 192.168.0.253
          Subnet: 255.255.255.0
          Gateway: (this is other problem, I cannot set gateway to 192.168.0.253)
          DNS1: 192.168.0.253

          You should NOT have a gateway on this. RRAS takes care of it. A computer should never have itself configured as a gateway.

          Serverk8 DNS Server Settings
          Interfaces Tab:
          Listen On: Only the following IP addresses (192.168.0.253)

          Forwarders tab:
          ISP given DNS1 and DNS2 (from Public interface).
          Use root hints if no forwarders are available: Checked

          Advanced tab:
          Enable round robin: Checked
          Enable netmask ordering: Checked
          Secure cache against pollution: Checked
          Rest all unchecked

          This stuff looks ok here.

          Get rid of the gateway address I mentioned above and see if it helps.
          If you're still having problems, try monitoring packets to see what's happening with your DNS lookups...
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif
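
An added example, not part of the thread and not any poster's code: a small parser for `route print` text that flags the default-route conditions visible in the table from post #4, where the on-link default on 192.168.0.253 has a lower metric (266) than the ISP default (276) and a persistent default points at the server's own private address. The sample is a constructed subset of the posted table, and the finding names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: subset of the IPv4 rows posted in #4 (poster's "xxx" masking kept).
SAMPLE = """\
Active Routes:
          0.0.0.0          0.0.0.0    68.xxx.xx.249    68.xxx.xx.252    276
          0.0.0.0          0.0.0.0         On-link     192.168.0.253    266
      192.168.0.0    255.255.255.0         On-link     192.168.0.253    266
Persistent Routes:
          0.0.0.0          0.0.0.0    68.xxx.xx.249  Default
          0.0.0.0          0.0.0.0    192.168.0.253  Default
"""
ADDR = re.compile(r"^[0-9x]+(\.[0-9x]+){3}$")  # tolerates the "xxx" masking

def parse_routes(text):
    """Split route print text into active and persistent IPv4 rows."""
    routes, section = {"active": [], "persistent": []}, None
    for line in text.splitlines():
        f = line.split()
        if line.strip().startswith(("Active Routes", "Persistent Routes")):
            section = f[0].lower()
        elif section == "active" and len(f) == 5 and ADDR.match(f[0]):
            routes["active"].append(
                dict(dest=f[0], mask=f[1], gw=f[2], iface=f[3], metric=int(f[4])))
        elif section == "persistent" and len(f) == 4 and ADDR.match(f[0]):
            routes["persistent"].append(dict(dest=f[0], mask=f[1], gw=f[2]))
    return routes

def is_private(addr):
    try:
        return ipaddress.ip_address(addr).is_private
    except ValueError:  # masked address or "On-link"
        return False

def audit(text):
    """Return findings about the default routes (finding names are hypothetical)."""
    r, findings = parse_routes(text), []
    defaults = sorted((x for x in r["active"] if x["dest"] == x["mask"] == "0.0.0.0"),
                      key=lambda x: x["metric"])
    if len(defaults) > 1:
        findings.append(("multiple-default-routes", len(defaults)))
    if defaults and is_private(defaults[0]["iface"]):  # lowest metric is preferred
        findings.append(("preferred-default-on-private-nic",
                         defaults[0]["iface"], defaults[0]["metric"]))
    local = {x["iface"] for x in r["active"]}  # addresses bound to this host
    for p in r["persistent"]:
        if p["dest"] == p["mask"] == "0.0.0.0" and p["gw"] in local:
            findings.append(("persistent-default-via-own-address", p["gw"]))
    return findings
```

Calling `audit()` on the full pasted output works the same way; header, separator and IPv6 rows are skipped because they do not match the IPv4 row shape.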


          • #6
            Re: Late Response for internet addresses resolution!

            Hi tehcamel,

            My current configuration doesn't have any Gateway address set on private interface at all.

            If all DNS settings are fine, then could the problem be because of the RRAS configuration? And how can I monitor packets to see what's happening with DNS lookups?

            Thanks and Regards,


            • #7
              Re: Late Response for internet addresses resolution!

              DNS should be removed from the external NIC, just like what you would do on an ISA server.
              Please try: nslookup www.google.com and give us the output.
              Also remove the forwarders in your DNS configuration to see if that makes any difference. Root hints would always work.

              For now I think you have an issue with name resolving or with your network configuration.
              In any case, do not add a gateway on the internal interface

              Also where is RRAS configured for? Will this become an edge device?
              Personally I would go to the basics and remove RRAS and test it out... Without RRAS your server should resolve DNS correctly and also a traceroute should work (unless ICMP is blocked but that would give you a different output )
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"


              • #8
                Re: Late Response for internet addresses resolution!

                Hi Dumber,

                I do not have Gateway address on Private interface.

                Below is output for "nslookup www.google.com" command:

                Code:
                C:\Users\admin>nslookup www.google.com
                Server:  server2k8.somedomain.com
                Address:  192.168.0.253
                
                Non-authoritative answer:
                Name:    www.l.google.com
                Addresses:  74.125.95.147
                          74.125.95.99
                          74.125.95.103
                          74.125.95.104
                          74.125.95.105
                          74.125.95.106
                Aliases:  www.google.com

                After removing the two DNS forwarders and restarting the DNS service, I get the below output for the same command:

                Code:
                C:\Windows\system32>ipconfig /flushdns
                
                Windows IP Configuration
                
                Successfully flushed the DNS Resolver Cache.
                
                C:\Windows\system32>nslookup www.google.com
                Server:  server2k8.somedomain.com
                Address:  192.168.0.253
                
                DNS request timed out.
                    timeout was 2 seconds.
                DNS request timed out.
                    timeout was 2 seconds.
                *** Request to server2k8.somedomain.com timed-out
                
                C:\Windows\system32>

                RRAS is configured on this same server. We have a very small network and we will be using this server for AD, DNS, NAT and VPN. I know having everything on one server isn't recommended, but we wouldn't want to go with multiple servers.

                I am sorry, but I am not sure what exactly an edge device is?

                Like you said, I stopped RRAS (not sure if the result is the same as removing it completely) and below is the output for the same command:

                Code:
                C:\Windows\system32>nslookup www.google.com
                Server:  server2k8.somedomain.com
                Address:  192.168.0.253
                
                Non-authoritative answer:
                Name:    www.l.google.com
                Addresses:  74.125.95.104
                          74.125.95.105
                          74.125.95.106
                          74.125.95.147
                          74.125.95.99
                          74.125.95.103
                Aliases:  www.google.com
                
                
                C:\Windows\system32>ping www.google.com
                
                Pinging www.l.google.com [74.125.95.105] with 32 bytes of data:
                Reply from 192.168.0.253: Destination host unreachable.
                Reply from 74.125.95.105: bytes=32 time=29ms TTL=53
                Reply from 74.125.95.105: bytes=32 time=29ms TTL=53
                Reply from 74.125.95.105: bytes=32 time=29ms TTL=53
                
                Ping statistics for 74.125.95.105:
                    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
                Approximate round trip times in milli-seconds:
                    Minimum = 29ms, Maximum = 29ms, Average = 29ms

                Thanks and Regards,


                • #9
                  Re: Late Response for internet addresses resolution!

                  It looks like server2k8.domain.com is not actually responding to DNS queries initially, based on your most recent post...

                  • #10
                    Re: Late Response for internet addresses resolution!

                    So if you stop RRAS, remove the external DNS servers on your external NIC and remove the forwarders, everything is OK?
                    Well, except VPN and NAT of course, but at least it's a start. Next thing is configuring RRAS in a proper way.

                    An edge device is ehh... a device on the edge? What I meant: is this device connected directly to the internet? I'm a bit worried about your network security.
                    Marcel

                    • #11
                      Re: Late Response for internet addresses resolution!

                      Sorry for the late reply and thanks again to all for your replies.

                      Our problem got resolved after resetting TCP/IP as per this KB article and configuring RRAS again.

                      Regards,
