have you tried an alternate DNS server just in case?
which firewall do you have?
what is your default gateway?
can you tracert BBC - Homepage ?
I've a problem that I can't seem to find a solution too.
Windows 2k8R2 running DNS (AD/PrintServer) on VMWare ESXi 5.1 (dedicated NIC in host)
DNS forwarders set up to point to ISP. Firewall on server and VMware has ports 53 open for TCP and UDP.
Firewall also has ports 53 open for outbound traffic.
Internal name resolution looks fine, responese when using NSLookup run fine. However when accessing external sites in IE (and firefox) it hangs then comes up with "page not displayed".
NSlookups then time out.
However it's not consistant, the name resolution is slow but sometimes works. Then seems to wake up and run super fast before I start getting pages not displayed. If I download a file I get the full bandwidth so I know it's not our internet overall. It lacks any form of consistnecy that would be usefull in determining the cause!
but I'm running out of ideas.
The setup prety much mirrors our other site which runs fine. The only differnece being the DNS servers are physical.
To make matters more frustrating there is a seperate wireless network which runs seperately on a different VLAN and has it's own firewall and this is fine. Runs as quickly as I would expect.
And advice would be appreciated..
Last edited by Stuart_C; 20th May 2013 at 02:28 PM.
Netger Firewall SRX5308 along with the windows firewall.
Default gateway is the firewall
I can tracert the bbc homepage when DNS bothers to resolve an IP address.
What I'd like to do in tracert the DNS request!
Probably should add this server is the only DNS server on a site (SiteA). There is a VPN link between SiteA and SiteB and secondary DNS is located on SiteB. However I can't see how that's an issue when I'm running NSlookups against SiteA DNS Server. Additionally when testing I tried using only a single DNS server, the one at siteA when I was at siteA and it was still rubbish.
I think I might have found the answer. It's early days but signs look good.
Basically at Easter the local tech broke the firewall and it was updated and flshed with the latest firmware by netgear. It would seem the firewall defaults include a switched on and somewhat sensative LAN side UDP flood attack check. So I believe the firwall was detecting the usual DNS usage of a small school as an attack/virus and blocking connnections. Which explains why sometimes it was lightning quick and sometimes not as it depended on the number of connections attempts at any given moment.
A bit of configuration later and it's less grumpy and the internet seems to be running as fast as it should.
There are currently 1 users browsing this thread. (0 members and 1 guests)