Strange internet problem
Im having a strange problem at school that only started during the half-term break in February(maybe the week before, but no earlier).
Our setup was as such:
Windows 2003 SP2 + updates
ISA Server 2000 SP2/FP1 + updates (CLEO as ISP in Lancashire)
Webproxy service running on ISA to allow kids access to internet (various rules for blocking internet on a per room basis, naughty kids etc).
Firewall client installed on the odd few pcs for outlook 2003 to work.
Our access is filtered, and any internet access must go through proxy.lancsngfl.ac.uk (ISA is chained to this proxy)
This has been running for some time (around 2 years) with no problems (other than the odd restart being needed as the machine wasnt particulary high spec)
While browsing the internet appeared to break for no particular reason. ISA was reporting timeouts.
I found the following things while this problem existed(only a few minutes at a time):
Video conferencing PC (xp/average spec) has direct access to the CLEO switch and gets its internet via proxy.lancsngfl.ac.uk rather than our ISA server. This pc continued to work, browsing worked, nslookup was returning responses ok.
On ISA, nslookups would fail, couldnt browse to ip addresses either (these timed out). I thought to replace the ISA server as it was getting old and needed doing anyway.
Once replaced with a quad core/4gb ram/same config (imported from previous machine) it started to produce the same errors. Timeouts appearing for a few minutes at random intervals. I tried the ISA server into the same port that the video conferencing machine was working fine on - same problem (also using different cat5e lead)
After all this I thought, if the VC pc is working fine while ISA goes off, it must be ISA related - maybe some config had been changed/added recently (damn sure it hadnt been touched for a long time)
Removed the ISA machine and replaced with Smoothwall 3 SP2 + Advanced Proxy. Set it up offline, got everything working no problems.
Swapped it out with ISA, made revelant dns changes/proxy changes.
Still getting the same random timeout problem, Smoothwall reports the parent cache is unavailable for a few minutes then starts working again.
Driving me up the wall, Ive replaced virtually everything but it still wont work.
Yet the video conferencing machine carries on working fine - suggesting there is nothing wrong with our physical connection.
VC will be working because it doesn't make use of any DNS or proxy infrastructure. Your upstream proxy could fail and your VC would carry on working, whilst your ISA box fails.
So my guess would be that the upstream proxy is having issues, not you.
I'm in Cumbria, we use CLEO, but I know it's sometimes a slightly different flavour to Lancs CLEO... but this is what I would try.
CLEO DID, I think make some changes to the way the web proxies work over half term, but I'm not sure exactly what they were.
First, Can you ping wwwcache.cleo.net.uk from the isa server when it's not responding?
Second, If you ping it several times, you may notice that it resolves to a different IP (a choice of about 4 I think) some of the time. Try putting one of those in as your upstream proxy rather than wwwcache.cleo.net.uk - if that fixes it you may need to contact CLEO for advice as you are riding rough-shod over their load balancing system - but I'll leave that to your concience;)
Just thinking that the change of IP address "mid stream" could be causing problems...
When I talk about VC machine, its just another PC that we use for VCing.. When the internet supposedly goes off, i go over to this machine and try to browse using IE (set to use proxy.lancsngfl.ac.uk) - this works fine
I try nslookup on the same pc - fine.
The same fails on ISA when tried within a few seconds while the internet is 'broke'.
I forgot to mention, but i did try the ip address, while I had ISA running (rather than using the DNS proxy.lancsngfl.ac.uk) - same problem.