slow internet/web browsing performance while on Active Directory domain

Question

_{Wednesday, October 26, 2011 7:52 PM}

Hey guys, SO i got a weird problem. Im new at this company and there was a fire in the server room, nothing was damaged luckly. Only thing that happened was power was shutdown. Ever since then the network performance for browsing the internet is slow.. takes 20+ seconds to load even google sometimes. Once i take the desktop off the domain it works amazingly fast as it should. There is a mix of windows 7 and windows xp workstations on different vlans in the building. Since nothing has changed to our configuration.. would could it be? This is also what ive been told and im trying to troubleshoot this to keep productivity at the maximum for our employees to keep the cash cow goin if ya get my drift ;) thanks in advance

All replies (13)

_{Friday, October 28, 2011 12:45 PM ✅Answered}

Hey guys, again thank you for the help. But youre initial assumptions were correct. What i just found out was theres a Fortinet appliance on the network doing traffic monitoring.. We shut down the service that runs on the 2nd dns controller. All our problems are solved. Weird huh?

_{Wednesday, October 26, 2011 8:16 PM}

Is there a difference between the IP Configuration when the computer is on or off of the domain, specifically which DNS servers it is pointing to? I am thinking that you have a DNS server that was damaged and is now unresponsive. If your client(s) are using this DNS server, there will be a time-out period until the client uses another one. That could be the cause of your slowness.

Guides and tutorials, visit ITGeared.com.

_{Wednesday, October 26, 2011 8:27 PM}

As of now, we have a 2 dns controllers. one is a failover. so primary and secondary i suppose. we can switch them back and forth and no change in performance. Whats else im not sure about is why being on the domain is the culprit? machines not attached to the domain still use the same dhcp and dns server. I will look into what you said, im not a extremely knowledgable windows server person or even really a dns guy..

Also, i do not know how the machines we shutdown from the fire.. everything is fine in the room like i said, but maybe the server was not shutdown properly? Could a sudden shutdown screw things up since the dns service was never really stopped, it just lost power all of a sudden

_{Thursday, October 27, 2011 12:51 AM}

Its hard to pinpoint the exact issue based on the information you have so far. I would suggest that you go back and make sure that the machines with slowness have the same IP configuration that the machines without slowness have.

From there, if the settings are identical, take a look at the event logs and see if there is any indication of an issue.

The domain membership itself should have NO effect on the performance of the internet experience. However, there are services in the background that could be affected if you had a failed DNS service, or a DC being down, etc...

Guides and tutorials, visit ITGeared.com.

_{Thursday, October 27, 2011 1:52 AM}

I agree with JM that this will be hard to pinpoint. However, if we can take a look at the current config of the two DCs and of a sample DHCP client and possibly a statically configured client (if any), that will help at least eliminate basic configuration issues, if any.

So if you can, please post the following:

Unedited ipconfig /all from the two DCs
Any event log errors from the two DCs
Where are the two DCs located, such as is one at the main office subnet, and one ofthem in a VLAN?
Do you have forwarders configured, and if so, what IPs are they?
Unedited ipconfig /all from a DHCP client
Unedited ipconfig /all from a statically configured client (if any)

That should be a good starter. And sorry for the huge request. Sometimes it is easier for us to view this info to see if there is anything we can suggest or recommend to improve it.

Ace Fekay
MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php

This posting is provided AS-IS with no warranties or guarantees and confers no rights.

_{Thursday, October 27, 2011 12:49 PM}

No problem ill post the info in another reply shortly. And to answer you, all machines in the building use identicle ipconfigs on a domain or otherwise. Ill try your suggestions and post it.

_{Thursday, October 27, 2011 1:33 PM}

heres some generic warnings.. Our DNS controllers are in the same room.. right on top of each other.

1: date: 10/25/2011 | type: warning | event ID: 3000

The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate.

1: date: 10/12/2011 | type: error | event ID 4011

The DNS server was unable to add or write an update of domain name SEP001DA2F466A1 in zone wsp.corp to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The extended error debug information (which may be empty) is "". The event data contains the error.

There are not many of these errors or warnings.. and they only crop up every couple of days from the dates. I can provide more warnings if you want. not all of them are the same event ID.

IPConfigs: While attatched to the domain

Dynamic and statically configured.

i used the same ip address from the dhcp from the current lease: ip 192.168.78.53 subnet 255.255.255.0 default gateway 192.168.78.1 | primary dns 192.168.68.95 alt dns 192.168.68.105

I compared speed loading times using google search... machine off the domain just simple displays results faster.

As far as forwarders.. NOT to knowledgable with that. is that dns related? You might have to tell me how to view that. sorry bout that.

HOPE this ansers some of your questions.

_{Thursday, October 27, 2011 4:43 PM}

It answers some of them, but the ipconfig /all actually provides lots more info than just DNS addresses. If you can run the following and post it, it may be easier for you:

ipconfig /all > c:\ipconfig.txt

Then open the text file, and copy and paste it in your response and indicate which machine it is.

Also make sure that the wsp.corp zone properties shows that Updates are allowed (either Secure Only or Secure and Unsecure).

As for the errors, that is a generic error indicating something else is going on. Are there any other errors on any of the machines?

Website browsing is not necessarily the best way to test speed or connectivity. However, it could be an issue with resolution. If your firewall (what kind and model is it?) doesn't support EDNS0, it could cause issues.l A Forwarder can overcome it. Here's more info on EDNS0 and what will happen if a firewall doesn't support it:

What is EDNS0? (Extension mechanisms for DNS)
http://msmvps.com/blogs/acefekay/archive/2010/10/11/edns0-extension-mechanisms-for-dns.aspx

For Forwarders, they are configured in the DNS server properties, Forwarders tab. Below shows Windows 2008/2008 R2, but is similar for 2003:

This posting is provided AS-IS with no warranties or guarantees and confers no rights.

_{Friday, October 28, 2011 3:29 PM}

No, not weird, but expected. Third party devices do that sometimes. I've had problems with third party devices, including a Seagate BlackArmor that literally disabled browsing because it kept winning the browse master role, which you can't disable, and Seagate hasn't updated this feature. It affected numerous apps that relied on browsing, including BackupExec and contacting agents on other servers. I had to move it to its own VLAN to stop it.

So with third party devices, it makes it difficult sometimes to troubleshoot networking issues, and the last thing one thinks of is the device!

Glad you figured it out. :-)

This posting is provided AS-IS with no warranties or guarantees and confers no rights.

_{Friday, October 28, 2011 5:38 PM}

ever hear of fortigate 310b causing that? the fortigate agent on the windows server that when its running seems to slow the traffic down a noticable bit. once its off, it removes all issues

_{Friday, October 28, 2011 5:52 PM}

Fortigate? No, I haven't, but I will keep that in mind if I see anyone having a similar problem. Thanks for the info. It will definitely help others out there having a similar problem finding this thread, too!

Ace

This posting is provided AS-IS with no warranties or guarantees and confers no rights.

_{Friday, October 28, 2011 7:30 PM}

Once we have our 'network' guy look into it, ill post more information. We dont know what firmware is running on the network appliance right now. Also, configurations not sure. Once i get info ill post for you to share with whoever

_{Friday, October 28, 2011 11:39 PM}

That would be great. Thank you! :-)

This posting is provided AS-IS with no warranties or guarantees and confers no rights.

Last updated on 2011-10-26

Share via

slow internet/web browsing performance while on Active Directory domain

Question

All replies (13)

Additional resources