"Flaky" internet on domain

[MSgherzi]

I'm not sure if this should be under networking or servers...


I thought it was time for me to finally learn the ins and outs of domains by use of active directory, group policy management, etc. Things I never really got around to learning. I picked up a copy of Server 2008 and installed it on VirtualBox and bridged over my network adapter. I have a Vista x86 copy running on VirtualBox as well, with both of them fired up at the same time.

I configured my domain and got the Vista client connected and managed to apply GPOs and terminal services successfully and everything. One problem I'm having is how flaky the internet is on both of these OSes.

I can get Google, IPChicken, and some other sites to usually load with no problem. Some websites do not load at all, or will take a very long time to load. For instance, I'm trying to browse over to Mozilla's website and download Firefox. When I finally get the site loaded and try downloading, it will download only a portion of firefox and stop completely. Sometimes it will download 200-400k, sometimes 1-2mb. It will always stop at some point before completing, though.

I'm thinking this might be a DNS issue. I have the domain controller set as the primary DNS on the Vista client (secondary is blank). I also have the primary DNS on the DC pointing back to itself. I have the DNS server installed, but I'm not sure how to it is supposed to be configured (if at all).

There are no GPOs that are influencing this, either. Pinging resolves and communicates properly, as well.

Could someone point me in the right direction and tell me what I'm doing wrong here?


Thanks in advance,
Matt

 

[SAG]

Hrm.
On the DC, open a command prompt and try to ping google.com, does it take 3 or 4 seconds before it starts?
Now try to just ping 8.8.8.8 and see if it starts pinging immediately.

If both of those return true, then likely it's your forwarders. I see this alot when people who are not familiar with setting up DNS on a DC do the job - nothing to be ashamed of, at least you are not learning on customer equipment.

On the DC, in Administrativ Tools open DNS.
-> Right Click on your DC in the left pane and chose Properties.
-> Chose the Forwarders tab.
-> See what you have in the list.

You should have good reliable nameservers in the list. For simplicity's sake, make sure your ISP's nameservers are the only two there and see what happens.

 

[NETWizz]

Sounds like a problem with Virtual box or the network drivers...

I mean, certainly, if it starts a download that failed presumably the name was correctly resolved.

Regardless, it is important to find out what DNS servers are being used then check them.

ipconfig /all should tell you if the Windows DNS server is being used (presumably it is if Active Directory is working and GPOs are loading).

Does that DNS server have forwarding (to Internet DNS) enabled? Can you execute queries against your domain DNS server with nslookup and resolve Interent names?

If it cannot even find the website names, you have a DNS problem. If downloads start and fail, it is something else, and I would recommend you try VMWare or HyperV

 

[SAG]

Sounds like a problem with Virtual box or the network drivers...

I mean, certainly, if it starts a download that failed presumably the name was correctly resolved.

Regardless, it is important to find out what DNS servers are being used then check them.

ipconfig /all should tell you if the Windows DNS server is being used (presumably it is if Active Directory is working and GPOs are loading).

Does that DNS server have forwarding (to Internet DNS) enabled? Can you execute queries against your domain DNS server with nslookup and resolve Interent names?

If it cannot even find the website names, you have a DNS problem. If downloads start and fail, it is something else, and I would recommend you try VMWare or HyperV

I bolded the portion I am replaying to.
True, if the download begins and then fails, DNS worked in one way or another.
But I prefer the baby steps approach. His post eluded to this being his first setup, and I see the issue I addressed sooooo many times by people setting up their first DC. So I had to make sure that was addressed first.

You bring up alot of good points though. All of which should be looked into.

 

[MSgherzi]

Hrm.
On the DC, open a command prompt and try to ping google.com, does it take 3 or 4 seconds before it starts?
Now try to just ping 8.8.8.8 and see if it starts pinging immediately.

If both of those return true, then likely it's your forwarders. I see this alot when people who are not familiar with setting up DNS on a DC do the job - nothing to be ashamed of, at least you are not learning on customer equipment.

On the DC, in Administrativ Tools open DNS.
-> Right Click on your DC in the left pane and chose Properties.
-> Chose the Forwarders tab.
-> See what you have in the list.

You should have good reliable nameservers in the list. For simplicity's sake, make sure your ISP's nameservers are the only two there and see what happens.

Thanks for your response.

I went ahead and pinged Google. It took a good 5 seconds to ping, and each response took just as long, with one of them timing out completely. Pinging 8.8.8.8 works immediately. This was on the client. On the DC, Google immediately responded, but one timed out and it took a few seconds for each to come in.

Under the conditional forwarders, I have two DNS servers from my ISP in there. I read somewhere that those are supposed to be in there, so I've got 68.94.156.1 and 68.94.157.1 in there.

Any other suggestions would be great since I'm still having the problem.

 

[MSgherzi]

Sounds like a problem with Virtual box or the network drivers...

I mean, certainly, if it starts a download that failed presumably the name was correctly resolved.

Regardless, it is important to find out what DNS servers are being used then check them.

ipconfig /all should tell you if the Windows DNS server is being used (presumably it is if Active Directory is working and GPOs are loading).

Does that DNS server have forwarding (to Internet DNS) enabled? Can you execute queries against your domain DNS server with nslookup and resolve Interent names?

If it cannot even find the website names, you have a DNS problem. If downloads start and fail, it is something else, and I would recommend you try VMWare or HyperV

The client's DNS is pointing to the DC 192.168.8.106, as is the DC pointing to itself, as well. I have my ISP DNS servers under the conditional forwarders in the DC.

NSLookup failed at first, then it started resolving. This was using the DC's IP address for the DNS server.

 

[MSgherzi]

Any ideas? I've been working on this and looking online, but have not been able to find anything that points to why this is still happening.

 

[SAG]

For kicks and giggles, disable the firewall and AV on the server and a client PC and see what happens.

Also, run a good ping test against your gateway from the DC for 30 minutes or so to see what results you get.

Sorry, I forgot all about this thread.

 

[MSgherzi]

I don't have any security software on either of them since they're fresh installs, but I already tried disabling Windows Firewall on each one. That didn't seem to solve the issue.

I ran a continuous ping against my gateway from the DC, and it was successful roughly 98-99% of the time with only a couple of losses.

Some websites load instantly (IPChicken being one) and others I can tell are being resolved far quicker than they end up loading (if at all). Still having the same problem on each VM.

I don't think an OS re-install will do anything here, since both VMs with different OSes are having the same problem. I'm going to try and remove the client from the domain entirely and see if that fixes the problem. That way, I can try and narrow it down to either the domain or VirtualBox itself.


In the meantime, please feel free to give me any further feedback on how I might possibly solve this.


Thanks,
Matt