Internet access problem...related to DHCP? 1

[irishguywi]

This has just started to occur at a client of mine, and I am stumped.

I am going to try and explain it coherently for you...and please remember that this problem is affecting individual machines.

Network is DHCP Based.
Problem started 14 days ago...no major installations/configuration changes in that time period (that I am aware of).
Machines are NT based (2K and XP), and have all WindowsUpdates installed.

Machine A is working just fine, surfing the net, etc. Machine B is working just fine, sufging the net, etc.

Machine A starts getting 404 errors. 90% of internet sites will not load. Yet 10% will. Email can be sent from Machine A to Machine B, and to off site email servers.
During this whole time, Machine B works just fine, and can access all internet sites.

When a release/renew or just a renew is done on Machine A, the problem is "fixed" for a period of time.
Also, if you just wait 10 minutes, the problem will "fix" itself for a period of time.


Has anyone EVER seen/dealt with something like this before?


Thank you in advance.


Chris

 

[RoryJMcKenna]

Is it always the same machine that has the problem...Compare internet settings from machine A to Machine B... You could have something simple like automatic proxy detection..It will sometimes cause problems surfing..Do you run antivirus software on the problem machine? I've seen Viruses do stranger things!

 

[irishguywi]

Good suggestion. I checked that first actually.

I just used Machine A and B for the sake of simplicity, but in actuality it is happening on MANY machines in the office.

As for AV, McAfee...but that has been implimented for over 3 years without a problem.

 

[tcambridge]

Are Machine A and B on the same subnet? Is the problem only happening to machines in the same office? Are there any machines on the same subnet as the DHCP server having the same problem? Is there a router between the machines having problems and the DHCP server? What about a switch - have you checked your ports on the switch to see if they are having problems? How is the traffic on the network - intermittent, slow, or normal?

Since some of the machines aren't having that problem, I'm leaning towards some type of network issue.

Looking forward to your answers...

Tim Cambridge
A+, CCNA, MCSA, MCSE (W2K)

 

[irishguywi]

-All machines are on a single subnet.
-Only one office for the machines to be having troubles with.
-No router between the machines and the DHCP server.
-Switch Management Software does not show any bottlenecks/problems.
-Network is a fully switched 100M...and all other applications are running at normal speed.

Not all users have internet access as part of their necessary business functions. It may be happening to them, but they don't know it because they don't use it that often.

Not sure if that helps...

 

[RoryJMcKenna]

-Are you running out of Ip's in your DHCP scope???
I've seen this happen if computers are fighting for Ip's
-Have you done a ipconfig /all on a problem workststation when you have lost connectivity??
-Can you ping your gateway when the problem occurs..If so can you ping by Ip on the internet??
-If so can you then ping by name on the internet??
On second thought I guess all this is irrelevant if you say you can still send mail off site when the prob occurs...
So that leaves me thinking on of two things...DNS or internet settings..is your outgoing mail server on your internal network or outside?? Are you using an IP address for outgoing mail if not and are using a name i.e. mail.yourmailserver.com and it is external to your private network..you can rule out DNS.
-Are you computers all up to date with IE6 service pack 1??

 

[irishguywi]

- Scope is fine...130 available.
- I have not done an "ipconfig /all" ... just "ipconfig /renew" which "fixes" it temporarily
- Have not tried to ping the gateway. Will try that next time it happens
- I tried pinging by IP and I *think* it worked, but did not work by name. So...I have been looking at DNS issues as well. Everything looks good.

- Email server is exchange, and it is internal.

- All PCs have full Windows Updates installed. Both for OS and associated applications.



What confuses me most is that I am able to send email and ping other machines on the network when my machine loses the net. I can also ping other machines from a good machine when they loose the net.

Hope some of this info helps!


Thank you for all your assistance.

 

[paladin256]

Is there a firewall installed on the network. If you can send mail fine to remote mail servers it sound like DNS is working fine. I would start looking at any filters that are in place because from what I have read it seems to me the machine is having port 80 issues. When this is happening can ftp out to other locations fine? Let me know.

 

[irishguywi]

FTP...did not think of that.
Yes, we have a firewall, but I administer that and no changes have been made to it since the problems have started happening.

Also, there are no eventlog entries in either the host or server machines.

I will try the FTP thing once it breaks again, and report back then.

 

[Whoheard]

Increase the lease time on the DHCP settings and see if that changes the time frame of the problem reappearing.

bob

 

[sgscit]

try an ipconfig /flushdns

if this fixes it temporarily it is a dns issue.

I had a very very similar problem. I created a secondary server for dns caching for the Internet and other than when it was getting too many requests and timing out, I no longer had issues. Created a second DNS server out of an old PC as a backup for timeout purposes and now we never get the problems (other than those generated by our provider)

Cheers,

Pete

 

[RoryJMcKenna]

What are you using for DNS your internal server or an external internet Server...Try changing the name server in your DNS scope...Do you have Primary and secondary set??

***You said****
- I tried pinging by IP and I *think* it worked, but did not work by name. (((DNS)))

- Email server is exchange, and it is internal.

What confuses me most is that I am able to send email and ping other machines on the network when my machine loses the net. I can also ping other machines from a good machine when they loose the net. (((you can send mail because your SMTP server is on the local network...Even if the mail server is having trouble resolving internet names it should continue to try and send the failed message for 5 days...At least that is the Linux Sendmail default..Check your mail server logs...)))

some techs that I work with swear by using the Domain controller for DNS and setup forwarding from there...they say you can load your profile quicker...access network shares faster etc. we use DHCP and I always staticly assign my external Linux box as my DNS server...network access is fine. (Plus when ever the precious Windoze box goes down for a reboot everyone but me loses internet access.)