Win2000, WinXP ICS

  • Thread starter Thread starter Kevin C
  • Start date Start date
K

Kevin C

Help. I have an ICS (Internet Connection Sharing) problem:

---------------------------
Senario:
---------------------------
HOST is a Windows 2000 Server with 2 NIC cards (DSL, Internal LAN)
* DHCP Server not enabled, DNS Server not enabled

CLIENT is a WinXP with 1 NIC card (Internal LAN)

I have ICS enabled on the HOST's Internal LAN and I know it is working
because the CLIENT can get to the internet (ie., ping's, tracert's, etc)
However 2 out of 10 page requests get 'Cannot find Server' errors... I've
tried looking online for a solution but I cannot find anything. What
conflicts could be occuring between HOST and CLIENT that can cause this? How
do I troubleshoot and fix this? I've included both machine's IP
configuration below...

Thank you in advance for any help with this!

Cheers,
-Kevin

---------------------------
The HOST ipconfig is:
---------------------------
C:\> ipconfig /all
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : KEVIN
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Internal:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DFE-530TX+ PCI Adapter
Physical Address. . . . . . . . . : 00-40-05-0F-F9-23
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 206.13.30.12
206.13.29.12

Ethernet adapter DSL:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI For
Complete PC Management NIC (3C905C-TX)
Physical Address. . . . . . . . . : 00-50-04-D8-A8-9C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Autoconfiguration IP Address. . . : 169.254.131.103
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

PPP adapter WinPoET v4.0 Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 68.122.135.92
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 68.122.135.92
DNS Servers . . . . . . . . . . . : 206.13.30.12
206.13.29.12

---------------------------
The CLIENT ipconfig is
---------------------------
C:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : NADIA
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Internal LAN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network
Connection
Physical Address. . . . . . . . . : 00-07-E9-67-52-0A
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.134
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Thursday, September 25, 2003
8:59:07AM
Lease Expires . . . . . . . . . . : Thursday, October 02, 2003
8:59:07 AM
 
Disable ICS on the HOST's Internal LAN interface. Enable ICS on the HOST's
Internet interface.

Doug Sherman
MCSE Win2k/NT4.0, MCSA, MCP+I, MVP
 
Kevin said:
Help. I have an ICS (Internet Connection Sharing) problem:

---------------------------
Senario:
---------------------------
HOST is a Windows 2000 Server with 2 NIC cards (DSL, Internal LAN)
* DHCP Server not enabled, DNS Server not enabled

CLIENT is a WinXP with 1 NIC card (Internal LAN)

I have ICS enabled on the HOST's Internal LAN and I know it is working
because the CLIENT can get to the internet (ie., ping's, tracert's, etc)
However 2 out of 10 page requests get 'Cannot find Server' errors... I've
tried looking online for a solution but I cannot find anything. What
conflicts could be occuring between HOST and CLIENT that can cause this? How
do I troubleshoot and fix this? I've included both machine's IP
configuration below...

Thank you in advance for any help with this!

Cheers,
-Kevin

[]

Goto http://www.dslreports.com/faq

There are two articles of interest there; one explains what the MTU is, the
other on how to adjust it. There may be an option in WinPoet to adjust it (I
don't know).

Your server probably has the default MTU of 1500 (this is normal). You should
call your ISP tech support to find out what the MTU for your service is. 1492
is a pretty common one.

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
Thanks for the quick reply... Should I change the MTU on the SERVER, CLIENT
or both?

cheers,
-k

SteveC said:
Kevin said:
Help. I have an ICS (Internet Connection Sharing) problem:

---------------------------
Senario:
---------------------------
HOST is a Windows 2000 Server with 2 NIC cards (DSL, Internal LAN)
* DHCP Server not enabled, DNS Server not enabled

CLIENT is a WinXP with 1 NIC card (Internal LAN)

I have ICS enabled on the HOST's Internal LAN and I know it is working
because the CLIENT can get to the internet (ie., ping's, tracert's, etc)
However 2 out of 10 page requests get 'Cannot find Server' errors... I've
tried looking online for a solution but I cannot find anything. What
conflicts could be occuring between HOST and CLIENT that can cause this? How
do I troubleshoot and fix this? I've included both machine's IP
configuration below...

Thank you in advance for any help with this!

Cheers,
-Kevin

[]

Goto http://www.dslreports.com/faq

There are two articles of interest there; one explains what the MTU is, the
other on how to adjust it. There may be an option in WinPoet to adjust it (I
don't know).

Your server probably has the default MTU of 1500 (this is normal). You should
call your ISP tech support to find out what the MTU for your service is. 1492
is a pretty common one.

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
I found the optimum MTU (DOS ping test) and changed it on all TcpIp
interfaces for both the CLIENT and the HOST (MTU=1460)

However the problems are still the same.... One thing I've also noticed is
that some HTML page requests come back in half... ie., a page will look like
it's timing out, but when I view source, the HTML source is half (or
partially) loaded....

Any ideas?

-Kevin


SteveC said:
Kevin said:
Help. I have an ICS (Internet Connection Sharing) problem:

---------------------------
Senario:
---------------------------
HOST is a Windows 2000 Server with 2 NIC cards (DSL, Internal LAN)
* DHCP Server not enabled, DNS Server not enabled

CLIENT is a WinXP with 1 NIC card (Internal LAN)

I have ICS enabled on the HOST's Internal LAN and I know it is working
because the CLIENT can get to the internet (ie., ping's, tracert's, etc)
However 2 out of 10 page requests get 'Cannot find Server' errors... I've
tried looking online for a solution but I cannot find anything. What
conflicts could be occuring between HOST and CLIENT that can cause this? How
do I troubleshoot and fix this? I've included both machine's IP
configuration below...

Thank you in advance for any help with this!

Cheers,
-Kevin

[]

Goto http://www.dslreports.com/faq

There are two articles of interest there; one explains what the MTU is, the
other on how to adjust it. There may be an option in WinPoet to adjust it (I
don't know).

Your server probably has the default MTU of 1500 (this is normal). You should
call your ISP tech support to find out what the MTU for your service is. 1492
is a pretty common one.

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
Kevin said:
Thanks for the quick reply... Should I change the MTU on the SERVER, CLIENT
or both?

cheers,
-k

Just on the server, on the NIC that connects to the internet.
Leave the client and the NIC used for your internal network alone.

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
Kevin said:
I found the optimum MTU (DOS ping test) and changed it on all TcpIp
interfaces for both the CLIENT and the HOST (MTU=1460)

However the problems are still the same.... One thing I've also noticed is
that some HTML page requests come back in half... ie., a page will look like
it's timing out, but when I view source, the HTML source is half (or
partially) loaded....

Any ideas?

-Kevin
When you ran the DOS ping test, was the command:

ping -l 1460 -f <internet address>

If so, you can increase your MTU to 1488 (1460+28). The 28 byte is
from TCP/IP overhead.

Also, you should have run the ping test only from your server.

MTU should be changed only on the server and only on the NIC that
connects to the internet.

I don't know what the effects of changing it the client and internal
NIC of your server. I imagine it would slow things down on the
network side.

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
Steve,

1460 = 1432 + 28

It seems that the problem has to do with data over 16kb -- If I load a 30kb
page, it takes a really long time... I can load a 10kb file in a
millisecond. However I can download large files fine, and all DSL speed
testers indicate that everything is a-ok...

i'm stumped.

-k
 
Kevin said:
Steve,

1460 = 1432 + 28

It seems that the problem has to do with data over 16kb -- If I load a 30kb
page, it takes a really long time... I can load a 10kb file in a
millisecond. However I can download large files fine, and all DSL speed
testers indicate that everything is a-ok...

i'm stumped.

-k
Try lowering the MTU down some more.
I would check with your ISP tech support so you don't have to perform
this guessing game.

Did you change the MTU back to 1500 on the client and the private nic
of the server?

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
Steve,

Thanks for the help -- would changing the MTU values effect the CLIENT
computer? The HOST has zero problems with it's internet connection...

thanks..

-Kevin
 
Kevin said:
Steve,

Thanks for the help -- would changing the MTU values effect the CLIENT
computer? The HOST has zero problems with it's internet connection...

thanks..

-Kevin

Yes, it does affect it.
Did you change it back to 1500?
And the server internal NIC too?

regards,

SteveC
======
If at first you don't succeed, forget skydiving
 
Sinner!

It worked ... does anyone know why this proxy server does a better job at
the built in windows ICS? Kind of lame that microsoft can't even get their
own proxy stuff working...

cheers and thanks again!
-k
 
The problem is that Win2K ICS is a Black Hole Router. Read about
Black Hole Routers here:
http://support.microsoft.com/?id=314825

To see the Black Hole behavior, try these two commands from a DOS
window on the Gateway machine and the other machines:

ping www.ebay.com -f -l 1472
ping www.ebay.com -f -l 1432

Also try www.google.com and www.abcnews.go.com. The gateway machine
for 1472 will respond "packet needs to be fragmented but DF Set."
All other setting will respond "Request timed out." When browsing,
the gateway machine sees the message and reconnects with a smaller
MTU. Bu the gateway never relays this information to the ICS clients.

The workaround is to use Method 3 from the article and set the MTU
size of the client machines to 1460 (=1432+28).

I'm hoping that one of the pros here will pick up on this and get
Microsoft to fix ICS.
 
Back
Top