Windows 2000 Server/XP Client Slow Network Access Time Issues

[jenious]

Here's hoping someone here might have some insight into this issue.

We have a Windows 2000 Server (Single Primary Domain Controller) that has been up and running fine with no problems for a couple years. Until just recently all workstations were windows 98 based and everything worked wonderfully. During the past year, a couple XP test clients were added and things again seemed to be working okay.

Just recently we did a full scall roll-out with XP and now are having some major network issues. Any files etc accessed off the network file server (domain server) take a very long time to open (30seconds to 4 minutes), same with network printing etc. Logging onto the domain can take up to 10minutes sometimes. There are still a couple older machines running Windows 98 and they have absolutely no problems or lag times. Also there is no delay or lag time accessing the internet through a seperate internet proxy server.

I haven't been able to find any XP/2000server incompatability issues. All clients are running only the TCP/IP protocol and are DHCP assigned their ip information. (DHCP Server is located on Domain Server). All network infrastructure is new within the last two years as well so that's not a problem (Cat 5e, Gigabit Switches).

Some of the new machines came preloaded with XP SP2 and I thought originally that might be a problem, however the same lagging issues were occuring on a SP1 setup.

Any ideas? Things are starting to get pretty frustrating over here. Thanks

 

[stash]

What IP is the DHCP server handing out for DNS? The clients should point ONLY to the domain controller for DNS. If that is the only DC, their secondary DNS should be blank. No machine on your network should be configured to point to your ISP or a router for DNS.

 

[jenious]

Hey Stash, thanks for the quick reply. Okay, I'll try to fill int the blanks in terms of the missing information.

Main server ip is 10.0.0.1
Proxy IP is 10.0.0.2

All machines are DHCP set to and ip range within 10.0.0.20 and .250 with their gateway set to to the proxy ip. which is 10.0.0.2. All ISP DNS entries etc are set up on this machine and it is multihomes to connect on one side to the ISP connection and to the main domain server on the other.

The client machines are set to obtain a DNS address automatically and to tell you the truth I'm not certain that they're picking up the proper one. I'll double check on that. Thanks

 

[jenious]

Looks like you might have hit it on the head. Checked the client setting and the DHCP was doling out first the proxy ip and then the two ISP DNS server ips to the XP boxes. Manually set them to the domain controller and then the proxy as secondary (Otherwise the transparent proxy would no longer function correctly) Will that present a problem?

Here's hoping that fixes the issue. Thanks again!

 

[stash]

Yes, using the proxy as a secondary will cause a problem somewher down the line. The proxy server does not hold the records that are need for Active Directory to work correctly, namely SRV records. Your domain controller does. If for some reason, the DC (which is now the primary DNS server) does not respond to a client's query before the timeout, the client will use its secondary DNS server.

Once a client switches to the secondary DNS, it will use that server until the client is rebooted or the secondary DNS server does not respond within the timeout period. So during that time, clients will go back to experiencing slow logons and slow network access.

I don't know how to work around the transparent proxy problem, but to get clients out on the Internet, you need to configure either your proxy's IP or your ISPs DNS servers (or both) in the DNS forwarders tab in DNS. On the DC, open the DNS console, right click on the server and go to properties. Click on the forwarders tab and check the box to enable. Enter the IPs in the space below that. Make sure you restart te DNS server service after making the changes.

 

[jenious]

Thanks again for the quick reply. I actually thought about the ip forwarding thing before setting the proxy as the secondary DNS but I'm not allowed to add any forwarding ips to the DCs DNS server as it tells me it is unable to since it is a root server.

 

[stash]

Your DNS server should not be a root server. You probably have a zone under forward lookup zones called (.). You should delete that and then you'll be able to add forwarders (you may need to restart the DNS service)

 

[jenious]

Beauty. Thanks for saving my lazy butt from having to look things up. It's a pretty simple network so I've never had to do much with the DNS server and don't really know a whole lot about it.

You've been a huge help, thanks again. Guess I'll have to go poke around in the hardware forum now see if I can pay back my dept