NAT Clients slow missing web

[Raymond Barrett]

The NAT clients on our network are experiencing really
slow internet browsing. from the server web pages draw
very quickly. From all clients web pages are drawn
slowly. The clients hold up on a graphic download and
don't move very fast generally. Any preliminary checks I
could make to begin to diagnose this problem. Win2000
SP3.XP Clients

Any help would be much appreciated

Raymond R/ Barrett

 

[Ace Fekay [MVP]]

In

The NAT clients on our network are experiencing really
slow internet browsing. from the server web pages draw
very quickly. From all clients web pages are drawn
slowly. The clients hold up on a graphic download and
don't move very fast generally. Any preliminary checks I
could make to begin to diagnose this problem. Win2000
SP3.XP Clients

Any help would be much appreciated

Raymond R/ Barrett

What type of NAT server is it?

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Raymond R. Barrett]

Don't know if I'm right but I'm using ISP's DNS for
clients first then my DNS. AD is installed.

C:\Documents and Settings\Administrator>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : bcas
Primary DNS Suffix . . . . . . . : bcas-tbf.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : bcas-tbf.local

mia.bellsouth.net

Ethernet adapter BCAS-LAN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink
XL 10/100 PCI NIC (3C
905-TX)
Physical Address. . . . . . . . . : 00-60-97-C3-CB-
19
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1

Ethernet adapter Bellsouth.net ADSL:

Connection-specific DNS Suffix . :
mia.bellsouth.net
Description . . . . . . . . . . . : 3Com EtherLink
III ISA (3C509b-TPO)
Physical Address. . . . . . . . . : 00-10-4B-16-C0-
51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 67.34.72.243
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 67.34.72.1
DHCP Server . . . . . . . . . . . : 205.152.144.4
DNS Servers . . . . . . . . . . . : 205.152.144.252
205.152.0.5
Lease Obtained. . . . . . . . . . : Sunday, August
03, 2003 5:13:51
Lease Expires . . . . . . . . . . : Sunday, August
03, 2003 17:13:51

When I have seen multi homed situations work. The node
type on the clients appears as mixed. One of the clients
hhas their node type appearing as unknown.

Thank you for your assistance

RRB

 

[Lanwench [MVP - Exchange]]

That's the problem right there - all servers and workstations should specify
only the internal AD-integrated DNS server's IP address in their network
settings. The AD-integrated DNS server should be set up with forwarders to
several public DNS servers (or use root hints) for external resolution.

See http://support.microsoft.com/default.aspx?scid=kb;en-us;300202 for more
info.

 

[Ace Fekay [MVP]]

In Lanwench [MVP - Exchange]

That's the problem right there - all servers and workstations should
specify only the internal AD-integrated DNS server's IP address in
their network settings. The AD-integrated DNS server should be set up
with forwarders to several public DNS servers (or use root hints) for
external resolution.

See http://support.microsoft.com/default.aspx?scid=kb;en-us;300202
for more info.

I agree!

At least the binding order is correct (the internal interface is listed
first).

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Raymond R. Barrett]

OK. I cleaned that up. However the problem still
persists. When drawing web pages on clients there are
frequent DNS timeouts, many missing graphics, and long
pauses to download seemingly small graphics. I made all
nics point to the dns private network. I added a forward
entry to the dns properties forwarding it to the ISP's dns
server. Yet the clients still don't act right. If I
can't gain anything from this I think I'll just format and
the restore the data. There has to be something wrong
with the dns server within the network but I just cant
figure it out.

Raymond R. Barrett

-----Original Message-----
In Lanwench [MVP - Exchange]
<[email protected]
, posted their
thoughts, then I offered my thoughts down below:

That's the problem right there - all servers and workstations should
specify only the internal AD-integrated DNS server's IP address in
their network settings. The AD-integrated DNS server should be set up
with forwarders to several public DNS servers (or use root hints) for
external resolution.

See http://support.microsoft.com/default.aspx? scid=kb;en-us;300202
for more info.

I agree!

At least the binding order is correct (the internal interface is listed
first).

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================


.

 

[Ace Fekay [MVP]]

In

OK. I cleaned that up. However the problem still
persists. When drawing web pages on clients there are
frequent DNS timeouts, many missing graphics, and long
pauses to download seemingly small graphics. I made all
nics point to the dns private network. I added a forward
entry to the dns properties forwarding it to the ISP's dns
server. Yet the clients still don't act right. If I
can't gain anything from this I think I'll just format and
the restore the data. There has to be something wrong
with the dns server within the network but I just cant
figure it out.

Raymond R. Barrett

Hmm,

If you restart the DNS service on your DNS server (don't restart the whole
machine), does it work afterwards? If so, I would suggest to enable Secure
Cache Against Pollution.

If the problem persists, then I would probably remove the DNS service
completely, (don't reinstall the whole machine), remove all the reg entries,
delete the DNS folder in system32, then restart the machine, then reinstall
DNS, then re-run the latest Service Pack, then setup your zones.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jonathan de Boyne Pollard]

RRB> When drawing web pages on clients there are
RRB> frequent DNS timeouts, many missing graphics, and long
RRB> pauses to download seemingly small graphics.

Determine that this really _is_ a DNS problem in the first place, before
fiddling with your DNS service too much. Use a tool such as "dig" or
"dnsquery" to issue DNS queries for the domain names in the URLs from the same
machines, and to the default DNS server that is configured into the DNS Client
on those machines, and see whether the lookups really _do_ time out.

If you have configured and are using a proxy HTTP server; issue those same DNS
queries on that server instead, and on the web browser machines issue the DNS
queries to look up your proxy HTTP server using the name that your web
browsers know it by.

If these _do_ result in DNS lookups timing out, and the problem has not then
become apparent, show us the tests that you ran and their exact results.

If the DNS lookups succeed, then your problem is not a DNS problem.

 

[Raymond R. Barrett]

I really, really have to thank you guys for contemplating
my problem. I looked at some of the other servers
without this prob and It just dawned on me that something
else was going on. I eventually found the answer. Maybe
this will be of use for you guys in the future.

http://hamfisted.net/articles/2003/tips/ics_fix/

which led me to ->

http://support.microsoft.com/default.aspx?scid=kb;en-
us;324288

Once again. Thank you, Thank you, Thank you

RRB