Another Server 2003 Issue

RTmarc

Windows Server 2003 Standard Edition
DC running: AD, DHCP, DNS, RAS

Server has two NICs: LAN = External to ISP, LAN2 = Internal

RAS is running and LAN interface is setup for NAT and Firewall. The problem I'm having is I'm constantly having to Repair the LAN. Every 20 minutes or so all clients and servers drop internet connectivity. I Repair the connection and it immediately reconnects. I've combed through the settings several times and I can't find anything that should cause this. Anyone have any suggestions? For a temporary fix I created a bat file to run every few minutes to renew the connection and that seems to be holding.

w^rl0rd

Does the interface that the clients connect to hold a static IP? I know that while renewing a lease connecting clients may have problems.

RTmarc

No it's not an issue with renewing or the internal LAN interface (NIC2). It's only a problem with NIC 1 and the external gateway. It happens on the server itself too; which are all static ip address. They drop all connectivity to the internet too. I'm not exaggerating when I say every 20 minutes or so I have to Repair the connection. As soon as it is done with the Repair process everything immediately comes back up.

boyles23

I don't know alot about Server 2003 but is the server setup as the router. I know in a multihomed 2003 system you have to go into the registry and enable the option, maybe it has something to do with it. Just my 2 cents and I hope it helps.

Jonathan

sprkymrk

Are you connected to your ISP with a cable/dsl modem or router or something else?

RTmarc

sprkymrk wrote:

Are you connected to your ISP with a cable/dsl modem or router or something else?

Cable modem. Comes in from the wall, hits the modem, and then hits NIC1 in server. NIC2 from server goes into Cisco switch and then out to clients.

sprkymrk

Have you tried trouble shooting from the perspective that DHCP may be malfuntioning or misconfigured on the modem? Repairing a network connection basically just does a release and renew on it's ip. I wasn't able to find anything else that the repair option does besides that and maybe renew dns name registrations .

RTmarc

The only thing that Repair does is: ipconfig/release, ipconfig/renew, ipconfig/flushdns, nbtstat -RR, arp -d (I think is the command). I have to wonder if either NIC1 is flaking out.

The modem itself does not run DHCP or anything long those lines. I may see if I can't get another modem from Charter or swap out NIC1.


EDIT: correcting typo

royal

RTmarc wrote:

The only thing that Repair does is: ipconfig/release, ipconfig/renew, ipconfig/flushdns, nbtstat -R, arp -d (I think is the command).

It does a little bit more than that. It also does a ipconfig /registerdns as well as a nbtstat -RR and it's actually arp -d *.

As for the original problems, try upgrading NIC drivers for both nics. Try a different patch cable. Also, try rebooting the cable modem, router, etc...

RTmarc

icroyal wrote:

RTmarc wrote:

The only thing that Repair does is: ipconfig/release, ipconfig/renew, ipconfig/flushdns, nbtstat -R, arp -d (I think is the command).

It does a little bit more than that. It also does a ipconfig /registerdns as well as a nbtstat -RR and it's actually arp -d *.

As for the original problems, try upgrading NIC drivers for both nics. Try a different patch cable. Also, try rebooting the cable modem, router, etc...

I've already updated drivers but I haven't tried another patch cable though. I'll give it a shot.

SWM

If the NIC is onboard, try a firmware upgrade for the board. I have had to do this with several Intel server boards. Otherwise you may just have a flaky NIC.

agustinchernitsky

Questions:

1.- When all clients & servers drop connectivity, can they still see each other? Whats between the server and the clients? Hub? Switch?
2.- When that happens, from the server can you browse the Internet?
3.- Have you checked the server system logs? Anything important?
4.- can you install netmon and sniff the internet interface to see whats happening? (post the file)
5.- Can you run some perf. monitor on the interfaces of the server to see if there are many bad packets, retries, collissions or whatever? (post info)
6.- Can you install a third card to be sure it's not a faulty card?
7.- Tell us about your hardware... RAM usage, CPU usage, all that lovely stuff.

Send me this info and I´ll try and help!

Saludos!

RTmarc

1) Yes. Even with the WAN interface down, all clients can see each other and traffic moves as normal across LAN.
2) No. When WAN interface goes down, internet connectivity is completely down.
3) Nothing I can see. Nothing sticks out of normal.
4 and 5) Have not done yet. I think issue might be on ISP side or cable modem.
6) That's the next step but I don't think this is the issue. I'll explain more in a second.
7) No performance issue on server at all. P4 3.0GHz, 1.5GB DDR2 5300mhz RAM, overkill on hard drive space.

I noticed something I haven't so far this afternoon. When the interface was down, I could not resolve any external ip addresses. I can ping my ISP gateway but can't go any further than that. This time instead of using the Repair command I actually went down the steps and tried each one to see which one corrected the issue. Releasing and renewing the IP address is what corrected it. I didn't have to go any further from that point. At this point I'm inclined to think it's on the ISP side.

As far as my network structure:

Charter -> ISP provided cable modem -> NIC1 on server -> NIC2 on server -> Cisco switch -> clients

Danman32

boyles23 wrote:

I don't know alot about Server 2003 but is the server setup as the router. I know in a multihomed 2003 system you have to go into the registry and enable the option, maybe it has something to do with it. Just my 2 cents and I hope it helps.

Jonathan

Only if you are not using RRAS. RRAS has configuration to provide routing.

sprkymrk

RTmarc wrote:

At this point I'm inclined to think it's on the ISP side.

I'm inclined to agree - either ISP or modem. Keep us posted!

Danman32

If I understand your symptoms, when the problem cropped up, the clients could not access the server itself. That would sound like a TCP stack problem to me. A disconnect from the ISP would have the clients lose connection to the internet (since they rely on the server), but that would not stop them from accessing the server since LAN2 should not be affected. Clients should be looking to the server's DNS for their DNS exclusively, otherwise you are going to get AD problems.

sprkymrk

Danman32 wrote:

If I understand your symptoms, when the problem cropped up, the clients could not access the server itself. That would sound like a TCP stack problem to me. A disconnect from the ISP would have the clients lose connection to the internet (since they rely on the server), but that would not stop them from accessing the server since LAN2 should not be affected. Clients should be looking to the server's DNS for their DNS exclusively, otherwise you are going to get AD problems.

No, he only loses Internet connectivity.

Every 20 minutes or so all clients and servers drop internet connectivity.

It's only a problem with NIC 1 and the external gateway.

I noticed something I haven't so far this afternoon. When the interface was down, I could not resolve any external ip addresses. I can ping my ISP gateway but can't go any further than that.

xlg123

RAS is running and LAN interface is setup for NAT and Firewall.

Your not using ISA fireawll are you. That causes a whole new dynamic DHCP list of drama. You only have the default gateway setup on the external NIC as well, correct? (Well, its automatic from your ISP. Gateway should be blank on internal NIC).

sprkymrk

xlg123 wrote:

RAS is running and LAN interface is setup for NAT and Firewall.

Your not using ISA fireawll are you. That causes a whole new dynamic DHCP list of drama. You only have the default gateway setup on the external NIC as well, correct? (Well, its automatic from your ISP. Gateway should be blank on internal NIC).

Keep in mind it works for 20 minutes or so at a time. If these were issues it would never work.

RTmarc

xlg123 wrote:

RAS is running and LAN interface is setup for NAT and Firewall.

Your not using ISA fireawll are you. That causes a whole new dynamic DHCP list of drama. You only have the default gateway setup on the external NIC as well, correct? (Well, its automatic from your ISP. Gateway should be blank on internal NIC).

No I'm not running ISA. I had considered trying it to see if it would correct the issue but at this point it is not installed. The external NIC (NIC1) is setup to automatically receive settings from the ISP.

The LAN interface (NIC2) is not setup for NAT or Firewall. NIC1 is setup for both. I've got a support call in with Charter so hopefully I'll hear something from them in the next day or so. Last night it did fine for about 5 hours and then dropped sometime over night. I had NetMon running the whole time and I didn't notice anything out of the ordinary.

blargoe

As far as the OS is concerned, when this occurs does windows indicate a dropped network connection (a red x on that network connection's icon) or a disabled interface (grayed out icon)?

Have you run the diagnostic program from the manufacturer of the network card?

If this is a non-production environment, have you tried connecting another computer or a different router (i.e. a home linksys router) to the cable modem and see of you still get the drops?

RTmarc

blargoe wrote:

As far as the OS is concerned, when this occurs does windows indicate a dropped network connection (a red x on that network connection's icon) or a disabled interface (grayed out icon)?

No. Windows still indicates the connection is up. Like I said before, I can still ping the ISP gateway, just can't go any further than that.

Have you run the diagnostic program from the manufacturer of the network card?

No. I haven't done so yet. I've almost all but ruled out the NIC as being the problem. I'll give it a shot when I get home though.

If this is a non-production environment, have you tried connecting another computer or a different router (i.e. a home linksys router) to the cable modem and see of you still get the drops?

No I haven't done this yet. I wanted to do this before I left this weekend but I didn't have a chance. At this point, only this server is configured for RRAS. I just setup a test machine but it does not have two NICs in it yet. I'll probably buy another this weekend and try it when I get home.

holysheetman

have you tried to pathping the ISP gateway ? See what kind of results you see from that. See if there are any timeout values that help you along the way...

blargoe

You know, I had intermittent problems with my cable a couple of years ago and it turned out that a neighbor nicked the underground wire when he installed his new driveway. Doing a continuous ping would show anywhere from 5% to 30% dropped packets.

If you can demonstrate this by pinging the ISP gateway with a differnet computer hanging off the cable modem, call your ISP and ask to speak to an engineer.

benjiga69

Have you tried and ipconfig/all and recorded the WAN address you are recieving from your ISP and manually entering it in as a static ip? I had the same problem with one of my cable/dsl routers and this fixed my problem. I just used the ip address that was leased to me and put it into my router's WAN interface statically and this solved my problems.

RTmarc

benjiga69 wrote:

Have you tried and ipconfig/all and recorded the WAN address you are recieving from your ISP and manually entering it in as a static ip? I had the same problem with one of my cable/dsl routers and this fixed my problem. I just used the ip address that was leased to me and put it into my router's WAN interface statically and this solved my problems.

I'm trying this now. The ISP is pushing out addresses with a 4 hour lease. I'm going to try that for the next little bit and see what happens.