Network Connectivity issues on some Pc's - help needed

Server 2003
Recently changed the DHCP scope to a different range in order to fall in line with other organisations within our area. i.e. old scopes removed and new scopes created.

Since then, rooms with say 25 computers maybe 5 or 6 would display the tray icon - unable to connect to network (yellow error message showing poor connectivity


unable to do ipconfig / renew or "repair" - same problem as elsewhere in organisation recently prior to this change. Can set ip address to a static one but unable to ping any servers etc

Most PC's in on startup are displaying new IP address of 10.242.y.z (we use
bginfo on all our Pc's) - faulty ones still showing 10.3.y.z (the old ip range).

just for info - DC Server Network adaptor cards are configured to new ip address and also old ip address just for now. We have Active Directory integrated DNS.

I don't think that there are any problems with the pc's themselves because if pc was taken to different part of building served by a different switch all would be ok.

Could this be a switch problem ?? Would rebooting switches or upgrading firmware in switches be of any benefit? We are using Zyxel switches in many parts of our organisation.

Any ideas please?

Comments

  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    If you can't ping local machines with static IPs, you have some physical connectivity problem or you have messed up TCP/IP stacks on those machines (which is rare, especially with that number). You did disable the firewall or allow ICMP on the machines you're trying to ping, right?

    You could try restarting the switch. It's not going to hurt anything. Are those switches managed? Maybe you have to go in and tweak some of the settings.
  • neathneathneathneathneathneath Member Posts: 438
    dynamik wrote:
    If you can't ping local machines with static IPs, you have some physical connectivity problem or you have messed up TCP/IP stacks on those machines (which is rare, especially with that number). You did disable the firewall or allow ICMP on the machines you're trying to ping, right?

    You could try restarting the switch. It's not going to hurt anything. Are those switches managed? Maybe you have to go in and tweak some of the settings.

    What can be done re: messed up TCP/IP stacks on those machines ?

    No internal firewall on the network - only one to the outside world.

    I think its a switch-related problem (they are managed) but not really familiar with switches at present. Our infrastructure is overseen by an outside firm (who at present, can't find the problem).
  • undomielundomiel Member Posts: 2,818
    netsh int ip reset reset.txt

    Here's a link for more info on reseting the ip stack.

    http://support.microsoft.com/kb/299357
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • neathneathneathneathneathneath Member Posts: 438
    undomiel wrote:
    netsh int ip reset reset.txt

    Here's a link for more info on reseting the ip stack.

    http://support.microsoft.com/kb/299357

    thanks for that, not back at work until late next week but will try that icon_idea.gif
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I wasn't talking about physical firewalls. Most machines have software firewalls that won't allow pings and things like that through. If you're able to ping machines with a static IP, that'll change the scenario entirely. You should definitely check if you have a firewall on the machines you're trying to ping.
  • neathneathneathneathneathneath Member Posts: 438
    Having occasional network connectivity problems with a particular batch of new pc's.

    PC's are working fine one day, then limited connectivity icon show in system tray.

    Whatever we try to do does not renew the connection - ipconfig - repair connection etc.


    If Pc is moved to another building (which is fed from a different switch) PC will connect.
    When taken back to original location PC usually works ok again.

    Sometime when this does not work, if the Pc is moved to another building and is configured with a fixed IP address (outside of the DHCP scope) it works fine.

    I cannot isolate the problem being PC-specfic rather than a network problem.
    DHCP / DNS issues ??

    What would happen if Aging and scaveging in NOT configured in our DNS ??
    (our IT providers have left this at default settings - off)

    Any ideas?
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    For the ones that don't work, can you give them a static IP instead of moving them around, and if so, does that give them connectivity?

    Have you looked at the DHCP logs on the servers?

    You could also try using something like Wireshark to take a look at the DHCP traffic and see if you notice anything irregular.

    Aging and scavenging could remedy stale DNS records, but that setting isn't going to affect whether or not the machines receive addresses.
  • ClaymooreClaymoore Member Posts: 1,637
    This looks like a configuration problem on those switchports.

    If a port has its speed and duplex manually set, it will neither send nor respond to the packets used in the autonegotiation process so the 'auto' port gives up and chooses the lowest speed of 10Mb/half duplex. Meanwhile the other port continues send and recieveing at its speed and duplex resulting in collisions, dogs and cats living together, mass hysteria - real wrath of god stuff. We had a firewall port misconfigured this way and we were chasing problems for months before our managed firewall vendor finally looked at the port config.

    The ports also may not have 'spanning tree port fast' (or its equivalent) enabled. This can cause problems with DHCP because the NIC is trying to get an address before the port has moved from the blocking to the forwarding state. The NIC will keep trying and eventually get an address, but it may still cause problems when Windows loads.

    The new PCs probably have gigabit NICs which require full duplex and really prefer to auto negotiate. The new PCs probably also boot faster which would expose the DHCP problem as well. Call your network vendor and have them check and compare the config to the switch you know works.
  • wedge1988wedge1988 Member Posts: 434 ■■■□□□□□□□
    It seems to me that your machines cannot find the new scope on the DHCP server. If the machines that cannot find the DHCP server are on the old scope still, then renewing the IP address would be useless. It could be a switch problem; you may have to manually update the table for some reason...

    What is the DHCP lease time on the old IP addresses? try doing a ipconfig /release then an ipconfig /renew

    If aging or scavaging was turned off in DNS, then any addresses that are in DNS would not be removed or updated when the IP address of a machine changed, which in turn would not change in the routing table on the switch because dns would be responding over it etc etc. clear out your old records manually, release the address on the machines. try to then see if its working. If thats not the case then i doubt its an os problem?

    hope this helps in some way..
    ~ wedge1988 ~ IdioT Certified~
    MCSE:2003 ~ MCITP:EA ~ CCNP:R&S ~ CCNA:R&S ~ CCNA:Voice ~ Office 2000 MASTER ~ A+ ~ N+ ~ C&G:IT Diploma ~ Ofqual Entry Japanese
  • neathneathneathneathneathneath Member Posts: 438
    dynamik wrote: »
    For the ones that don't work, can you give them a static IP instead of moving them around, and if so, does that give them connectivity?

    .

    thanks for the replies - seems to be pointing to switch problems, as suspected

    You can assign a static ip address to these "faulty" pc's but you cannot ping anywhere successfully e.g. servers etc

    i.e. limited connectivity (yellow triangle icon) disappears but still can't connect to anything.

    Just for the record, these pc's (if I remember correctly), do not get an APIPA address just shows as media disconnected. If you disconnect the network cable you get a red X rather than the yellow triangle icon in the system tray
  • elaverick1981elaverick1981 Member Posts: 161
    Ideally we could use a bit more information here, an ipconfig /all would be nice, if you've got machines on different subnets then its possible that its just a gateway problem. The fact that this can't be resolved by setting a static IP is a bit odd tho.
    If not then start with some basic problem solving methods, what are the common factors between the PC's? Are the faulting PC's always the same? If so are they on the same switch or different switches?

    Could there be a second DHCP somewhere in the organisation that's not AD aware? If so that might be messing things up for you.
  • dalesdales Member Posts: 225
    Ideally we could use a bit more information here, an ipconfig /all would be nice, if you've got machines on different subnets then its possible that its just a gateway problem. The fact that this can't be resolved by setting a static IP is a bit odd tho.
    If not then start with some basic problem solving methods, what are the common factors between the PC's? Are the faulting PC's always the same? If so are they on the same switch or different switches?

    Could there be a second DHCP somewhere in the organisation that's not AD aware? If so that might be messing things up for you.


    Thats a very good point about a rough dhcp server, if only some pc's in a room are having this problem and others are not and assumidly they are connected to the same switch wouldnt they all have a problem if the switch was at fault. unless you have 2 or three different configs on sets of ports on the switches. I would check the switches to make sure they have been also reset to the new ip ranges as depending on your set up I think that dhcp might be trying to tell which scope to assign to a client by the switch address, unless all the switches feed to a core.
    Kind Regards
    Dale Scriven

    Twitter:dscriven
    Blog: vhorizon.co.uk
  • meadITmeadIT Member Posts: 581 ■■■■□□□□□□
    You can also check to see if they are getting their DHCP info from the same server as the rest (the ones with the good IP addresses). When you run ipconfig /all, check the DHCP server IP address between the good and bad PCs to make sure they are getting their IP info from the same source.

    Also, to see if it is a certain port on the switch that is causing the problem, unplug one of the good PCs and plug the bad PC into their port and see if they can get a good IP address that way.
    CERTS: VCDX #110 / VCAP-DCA #500 (v5 & 4) / VCAP-DCD #10(v5 & 4) / VCP 5 & 4 / EMCISA / MCSE 2003 / MCTS: Vista / CCNA / CCENT / Security+ / Network+ / Project+ / CIW Database Design Specialist, Professional, Associate
  • wedge1988wedge1988 Member Posts: 434 ■■■□□□□□□□
    maybe when you deleted the scope, you accidentally also removed one of the scope options that you needed? maybe your switch requires a specific option?

    Also, you didnt include the broadcast address in the scope you created?

    x.x.x.255

    ideas, ideas...
    ~ wedge1988 ~ IdioT Certified~
    MCSE:2003 ~ MCITP:EA ~ CCNP:R&S ~ CCNA:R&S ~ CCNA:Voice ~ Office 2000 MASTER ~ A+ ~ N+ ~ C&G:IT Diploma ~ Ofqual Entry Japanese
  • lost33causelost33cause Member Posts: 13 ■□□□□□□□□□
    I didn't read in depth but if you're getting a red X saying your disconnected then it's 100% not a dhcp problem. Your going to want to look at your wiring to make sure everything is connected right. Test the jack your connected to would be a good place to start. If you get that fixed and you still don't get dhcp set a static IP up and get the IP for the managed switch and see if you can ping it and just find where your ping fails along the route to the dhcp server.
  • macdudemacdude Member Posts: 173
    Make sure your user have not plugged up there own wireless router. I have seen this at a school one time, where a teacher brought her own wireless router in. I did ipconfigs on the computers that could get to the network and on the ones that can't and saw 2 different subnets. Tracked down the router unplugged it restarted all of the computers and all was working.
  • neathneathneathneathneathneath Member Posts: 438
    We got same problem with a troubled PC again.

    PC looked as if it was connected, not showing the limited connectivity tray icon as it was on a static ip address.

    PC unable to ping anything else. This pc was set on a static ip address outside of the dhcp scope. ipconfig /all revealed everything ok e.g. ip address, dns servers, gateway etc.
    Tried to set pc on dynamic ip settimg but it could not renew ip address.

    In order to try to pinpoint this problem, and to see if its the switch or PC:

    I fitted a new network card into the pc and disabled the onboard NIC. Restarted the pc and it found an ip address automatically and all is now ok.

    Will see how it goes, if this happens again with this PC its a switch related problem .
  • elaverick1981elaverick1981 Member Posts: 161
    You've clearly got a DHCP problem so static IP will just confuse things. Stick to dynamic IP's till you solve it. I still think you have a rogue DHCP server on the network. Try running netmon and seeing what BOOTP messages you're getting
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    If he doesn't have connectivity with a static IP, something else is going on. No issue with DHCP would affect that. It seems like that machine had a bad NIC in this situation.
  • elaverick1981elaverick1981 Member Posts: 161
    dynamik wrote: »
    It seems like that machine had a bad NIC in this situation.

    I would agree except that it's affecting so many other PC's from the original description. It still sounds more like it's being set to a static IP outside of the dynamic range and possibly without the correct subnet.
    Would still be good to see what ipconfig /all is actually reporting on both good and bad PC's.
    Unless their is some really wierd MAC based filtering going on somewhere...
  • wedge1988wedge1988 Member Posts: 434 ■■■□□□□□□□
    only just thought, but it could have been the Driver of the NIC??
    ~ wedge1988 ~ IdioT Certified~
    MCSE:2003 ~ MCITP:EA ~ CCNP:R&S ~ CCNA:R&S ~ CCNA:Voice ~ Office 2000 MASTER ~ A+ ~ N+ ~ C&G:IT Diploma ~ Ofqual Entry Japanese
Sign In or Register to comment.