Jump to content

LDAP and surfing

Guest ki4zji

By Guest ki4zji
in Windows 2003 Server

 Share

Recommended Posts

Guest ki4zji

Guest ki4zji

Posted
Posted

Here's the problem...

 

One of our installations is having what appears to be intermittent

problems with internet surfing download speeds. We have replaced the

DSL modem and thoroughly tested all the associated LAN hardware. The

DSL provider has now responded saying:

"I have taken a further look and it seems that your server (LAN IP:

192.168.0.2) seems to be using something called "LDAP" which tries to

verify certain information before allowing your PC to bring up that

webpage. This LDAP in your server is not recognizing certain pages

correctly. I would suggest the following:"

 

The address x.x.x.2 is, in fact, our windows 2003 server, however I

fail to see how LDAP can interfere with web surfing.

 

Essentially, this server is isolated (through a NAT router with all

incoming ports closed) from the internet and there is very little risk

of a malware infection.

 

The clients on the network are using x.x.x.2 as their DNS server.

 

Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the

clients to see a slowdown in browsing?

  • Replies 8
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: LDAP and surfing

 

Hello ki4zji,

 

What kind of network setup do you have, please describe more details, domain

or workgroup? What does have problem, server or client? Please post an unedited

ipconfig /all form your domai internal server and a client with problems.

If your LAN internal machines use the ISP's server this is a bad configuration.

But to help you, we need some more info about your network.

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

> Here's the problem...

>

> One of our installations is having what appears to be intermittent

> problems with internet surfing download speeds. We have replaced the

> DSL modem and thoroughly tested all the associated LAN hardware. The

> DSL provider has now responded saying:

> "I have taken a further look and it seems that your server (LAN IP:

> 192.168.0.2) seems to be using something called "LDAP" which tries to

> verify certain information before allowing your PC to bring up that

> webpage. This LDAP in your server is not recognizing certain pages

> correctly. I would suggest the following:"

> The address x.x.x.2 is, in fact, our windows 2003 server, however I

> fail to see how LDAP can interfere with web surfing.

>

> Essentially, this server is isolated (through a NAT router with all

> incoming ports closed) from the internet and there is very little risk

> of a malware infection.

>

> The clients on the network are using x.x.x.2 as their DNS server.

>

> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the

> clients to see a slowdown in browsing?

>

Guest ki4zji

Guest ki4zji

Posted
Posted

Re: LDAP and surfing

 

On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> Hello ki4zji,

>

> What kind of network setup do you have, please describe more details, domain

> or workgroup? What does have problem, server or client? Please post an unedited

> ipconfig /all form your domai internal server and a client with problems.

> If your LAN internal machines use the ISP's server this is a bad configuration.

> But to help you, we need some more info about your network.

>

> Best regards

>

> Meinolf Weber

> Disclaimer: This posting is provided "AS IS" with no warranties, and confers

> no rights.

> ** Please do NOT email, only reply to Newsgroups

> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>

> > Here's the problem...

>

> > One of our installations is having what appears to be intermittent

> > problems with internet surfing download speeds.  We have replaced the

> > DSL modem and thoroughly tested all the associated LAN hardware.  The

> > DSL provider has now responded saying:

> > "I have taken a further look and it seems that your server (LAN IP:

> > 192.168.0.2) seems to be using something called "LDAP" which tries to

> > verify certain information before allowing your PC to bring up that

> > webpage. This LDAP in your server is not recognizing certain pages

> > correctly. I would suggest the following:"

> > The address x.x.x.2 is, in fact, our windows 2003 server, however I

> > fail to see how LDAP can interfere with web surfing.

>

> > Essentially, this server is isolated (through a NAT router with all

> > incoming ports closed) from the internet and there is very little risk

> > of a malware infection.

>

> > The clients on the network are using x.x.x.2 as their DNS server.

>

> > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the

> > clients to see a slowdown in browsing?

 

On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> Hello ki4zji,

>

> What kind of network setup do you have, please describe more details, domain

> or workgroup? What does have problem, server or client? Please post an unedited

> ipconfig /all form your domai internal server and a client with problems.

> If your LAN internal machines use the ISP's server this is a bad configuration.

> But to help you, we need some more info about your network.

>

> Best regards

>

> Meinolf Weber

> Disclaimer: This posting is provided "AS IS" with no warranties, and confers

> no rights.

> ** Please do NOT email, only reply to Newsgroups

> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>

> > Here's the problem...

>

> > One of our installations is having what appears to be intermittent

> > problems with internet surfing download speeds. We have replaced the

> > DSL modem and thoroughly tested all the associated LAN hardware. The

> > DSL provider has now responded saying:

> > "I have taken a further look and it seems that your server (LAN IP:

> > 192.168.0.2) seems to be using something called "LDAP" which tries to

> > verify certain information before allowing your PC to bring up that

> > webpage. This LDAP in your server is not recognizing certain pages

> > correctly. I would suggest the following:"

> > The address x.x.x.2 is, in fact, our windows 2003 server, however I

> > fail to see how LDAP can interfere with web surfing.

>

> > Essentially, this server is isolated (through a NAT router with all

> > incoming ports closed) from the internet and there is very little risk

> > of a malware infection.

>

> > The clients on the network are using x.x.x.2 as their DNS server.

>

> > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the

> > clients to see a slowdown in browsing?

 

Windows IP Configuration

 

Host Name . . . . . . . . . . . . : PMCC-S01

Primary Dns Suffix . . . . . . . : pettymachine.local

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : pettymachine.local

 

Ethernet adapter Hamachi:

 

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Hamachi Network Interface

Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : No

IP Address. . . . . . . . . . . . : 5.42.248.149

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 5.0.0.1

Lease Obtained. . . . . . . . . . : Monday, September 29, 2008

4:00:10 PM

Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009

4:00:10 PM

 

 

Ethernet adapter Server Local Area Connection:

 

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit

Ethernet

Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.0.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.2

Primary WINS Server . . . . . . . : 192.168.2.107

 

DNS is configured on this server and is pointing to 208.67.222.222 /

208.67.220.220 / 192.168.0.2 as name servers.

 

This is from a windows 2003 PDC. There are four PC's connected to

this server which are members of the domain and three PC's which look

to this server for DNS resolution only. As you can see, we are using

OPEN DNS instead of our ISP's name server. The problem here appears

to be in bandwidth (slow surfing). While promising a 3.0/384

connection, DSL Reports' speed tests indicate a 561k / 306k

connection. If DNS were not correct, we would see DNS errors, not a

decrease in available bandwidth, correct?

 

The problem occurs anywhere on the network and appears to be random.

I did not capture information from a client machine as the problem is

on both client and server.

 

The ISP is making two claims:

1) there is some failure in LDAP causing the problem. I don't know,

hence me asking the question.

2) someone is downloading music from the server (.0.2). I am the only

one with access to the server, and I do not believe there to be any

malware on the server. Further, during one of the slowdowns, I ran a

netstat. There were only two connections to the internet and both

were related to 'LOGMEIN.COM', the tool I use for remote support.

This would never account for 2.5M of bandwidth.

 

Thanks

Randy

Guest ki4zji

Guest ki4zji

Posted
Posted

Re: LDAP and surfing

 

If it helps, the ISP has also provided a SYSLOG:

139:44:02 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

139:44:02 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC-

S01.pettymachine.local

139:46:33 Elapsed Time syslog: failed dns request

len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid

139:46:33 Elapsed Time syslog: failed dns request

len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid

139:48:28 Elapsed Time syslog: failed dns request

len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid

139:54:01 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

139:54:27 Elapsed Time syslog: failed dns request

len=73,srcip=208.67.222.222, url=PMCC-S01.pettymachine.local

139:54:28 Elapsed Time syslog: failed dns request

len=64,srcip=208.67.222.222, url=pettymachine.local

139:54:28 Elapsed Time syslog: failed dns request

len=64,srcip=208.67.220.220, url=pettymachine.local

139:54:28 Elapsed Time syslog: failed dns request

len=51,srcip=208.67.222.222, url=local

139:54:29 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=2.0.168.192.in-addr.arpa

139:54:30 Elapsed Time syslog: failed dns request

len=68,srcip=208.67.222.222, url=0.168.192.in-addr.arpa

139:54:30 Elapsed Time syslog: failed dns request

len=68,srcip=208.67.220.220, url=0.168.192.in-addr.arpa

139:59:02 Elapsed Time syslog: failed dns request

len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local

140:00:00 Elapsed Time -- MARK --

140:04:02 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

140:04:03 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC-

S01.pettymachine.local

140:09:02 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

140:10:14 Elapsed Time udhcpd: SENDING ACK to larry

140:10:14 Elapsed Time udhcpd: sending ACK to 192.168.0.100

140:10:14 Elapsed Time udhcpd: ADD 00:1e:90:39:c3:10 192.168.0.100

86400l larry

140:10:21 Elapsed Time syslog: failed dns request

len=89,srcip=208.67.222.222,

url=_ldap._tcp.dc._msdcs.domain_not_set.invalid

140:10:23 Elapsed Time syslog: failed dns request

len=89,srcip=208.67.222.222,

url=_ldap._tcp.dc._msdcs.domain_not_set.invalid

140:12:14 Elapsed Time udhcpd: SENDING ACK to larry

140:12:14 Elapsed Time udhcpd: sending ACK to 192.168.0.100

140:12:14 Elapsed Time udhcpd: ADD 00:1e:90:39:c3:10 192.168.0.100

86400l larry

140:18:06 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local

140:18:07 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.220.220, url=LINDA.pettymachine.local

140:19:01 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

140:19:01 Elapsed Time syslog: failed dns request

len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local

140:20:00 Elapsed Time -- MARK --

140:20:29 Elapsed Time syslog: failed dns request

len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid

140:21:53 Elapsed Time syslog: failed dns request

len=69,srcip=208.67.222.222, url=wpad.pettymachine.local

140:24:01 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

140:26:15 Elapsed Time syslog: failed dns request

len=50,srcip=208.67.222.222, url=wpad

140:38:06 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local

140:39:01 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

140:39:03 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

140:39:03 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC-

S01.pettymachine.local

140:39:03 Elapsed Time syslog: failed dns request

len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local

140:40:00 Elapsed Time -- MARK --

140:41:49 Elapsed Time syslog: failed dns request

len=50,srcip=208.67.222.222, url=wpad

140:52:30 Elapsed Time syslog: failed dns request

len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid

140:54:32 Elapsed Time syslog: failed dns request

len=73,srcip=208.67.222.222, url=PMCC-S01.pettymachine.local

140:54:32 Elapsed Time syslog: failed dns request

len=73,srcip=208.67.220.220, url=PMCC-S01.pettymachine.local

140:54:32 Elapsed Time syslog: failed dns request

len=64,srcip=208.67.222.222, url=pettymachine.local

140:54:32 Elapsed Time syslog: failed dns request

len=51,srcip=208.67.222.222, url=local

140:54:32 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=2.0.168.192.in-addr.arpa

140:54:32 Elapsed Time syslog: failed dns request

len=68,srcip=208.67.222.222, url=0.168.192.in-addr.arpa

140:56:08 Elapsed Time syslog: failed dns request

len=148,srcip=4.2.2.2, url=wpad.domain_not_set.invalid

140:57:50 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local

140:59:01 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

140:59:01 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

140:59:01 Elapsed Time syslog: failed dns request

len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local

141:00:00 Elapsed Time -- MARK --

141:12:59 Elapsed Time syslog: failed dns request

len=50,srcip=208.67.222.222, url=wpad

141:14:01 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

141:14:01 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

141:14:01 Elapsed Time syslog: failed dns request

len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local

141:15:35 Elapsed Time syslog: failed dns request

len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid

141:15:36 Elapsed Time syslog: failed dns request

len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid

141:20:00 Elapsed Time -- MARK --

141:20:52 Elapsed Time syslog: failed dns request

len=69,srcip=208.67.222.222, url=wpad.pettymachine.local

141:24:31 Elapsed Time syslog: failed dns request

len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid

141:28:34 Elapsed Time syslog: failed dns request

len=50,srcip=208.67.222.222, url=wpad

141:28:39 Elapsed Time syslog: failed dns request

len=69,srcip=208.67.222.222, url=wpad.pettymachine.local

141:28:53 Elapsed Time syslog: failed dns request

len=151,srcip=4.2.2.2, url=Flowboy.domain_not_set.invalid

141:29:01 Elapsed Time syslog: failed dns request

len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-

Name._sites.PMCC-S01.pettymac

141:29:01 Elapsed Time syslog: failed dns request

len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-

S01.pettymachine.local

141:29:02 Elapsed Time syslog: failed dns request

len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local

141:29:06 Elapsed Time syslog: failed dns request

len=153,srcip=4.2.2.2, url=Cadserver.domain_not_set.invalid

141:31:41 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local

141:31:41 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.220.220, url=LINDA.pettymachine.local

141:32:00 Elapsed Time syslog: failed dns request

len=71,srcip=208.67.222.222, url=25.206.253.5.in-addr.arpa

141:32:06 Elapsed Time syslog: failed dns request

len=71,srcip=208.67.222.222, url=25.0.168.192.in-addr.arpa

141:32:06 Elapsed Time syslog: failed dns request

len=71,srcip=208.67.220.220, url=25.0.168.192.in-addr.arpa

141:32:11 Elapsed Time syslog: failed dns request

len=72,srcip=208.67.222.222, url=102.0.168.192.in-addr.arpa

141:32:15 Elapsed Time syslog: failed dns request

len=72,srcip=208.67.222.222, url=103.0.168.192.in-addr.arpa

141:32:21 Elapsed Time syslog: failed dns request

len=72,srcip=208.67.222.222, url=104.0.168.192.in-addr.arpa

141:32:21 Elapsed Time syslog: failed dns request

len=72,srcip=208.67.220.220, url=104.0.168.192.in-addr.arpa

141:32:26 Elapsed Time syslog: failed dns request

len=72,srcip=208.67.222.222, url=106.0.168.192.in-addr.arpa

141:32:32 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=105.18.9.76.in-addr.arpa

141:32:38 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.222.222, url=61.124.5.72.in-addr.arpa

141:32:38 Elapsed Time syslog: failed dns request

len=70,srcip=208.67.220.220, url=61.124.5.72.in-addr.arpa

 

 

Thanks

Randy

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: LDAP and surfing

 

Hello ki4zji,

 

The DC is multihomed, which is a really bad decision for DC's. Or for what

is the 5.42.248.149 obtained from a DHCP server?

 

Also, if you have configured the 208.67.222.222 / 208.67.220.220, where did

you set them, i can not see them on the output from ipconfig /all?

 

A DC have the need for an internal DNS server, externals only for name resolution.

If DNS is not correct configured it can also slow down the network and create

other strange problems. Even if your bandwith is not that much, shouldn't

be a big problem with correct DNS settings.

 

What ip configuration does your clients have, please post an unedited ipconfig

/all from one of them.

 

The LDAP entries in the logfile seems for me to come because your server

and also the clients, i assume, have DNS configuration mismatches.

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

>> Hello ki4zji,

>>

>> What kind of network setup do you have, please describe more details,

>> domain

>> or workgroup? What does have problem, server or client? Please post

>> an unedited

>> ipconfig /all form your domai internal server and a client with

>> problems.

>> If your LAN internal machines use the ISP's server this is a bad

>> configuration.

>> But to help you, we need some more info about your network.

>> Best regards

>>

>> Meinolf Weber

>> Disclaimer: This posting is provided "AS IS" with no warranties, and

>> confers

>> no rights.

>> ** Please do NOT email, only reply to Newsgroups

>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>>> Here's the problem...

>>>

>>> One of our installations is having what appears to be intermittent

>>> problems with internet surfing download speeds. We have replaced

>>> the

>>> DSL modem and thoroughly tested all the associated LAN hardware.

>>> The

>>> DSL provider has now responded saying:

>>> "I have taken a further look and it seems that your server (LAN IP:

>>> 192.168.0.2) seems to be using something called "LDAP" which tries

>>> to

>>> verify certain information before allowing your PC to bring up that

>>> webpage. This LDAP in your server is not recognizing certain pages

>>> correctly. I would suggest the following:"

>>> The address x.x.x.2 is, in fact, our windows 2003 server, however I

>>> fail to see how LDAP can interfere with web surfing.

>>> Essentially, this server is isolated (through a NAT router with all

>>> incoming ports closed) from the internet and there is very little

>>> risk of a malware infection.

>>>

>>> The clients on the network are using x.x.x.2 as their DNS server.

>>>

>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

>>> the clients to see a slowdown in browsing?

>>>

> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

>> Hello ki4zji,

>>

>> What kind of network setup do you have, please describe more details,

>> domain

>> or workgroup? What does have problem, server or client? Please post

>> an unedited

>> ipconfig /all form your domai internal server and a client with

>> problems.

>> If your LAN internal machines use the ISP's server this is a bad

>> configuration.

>> But to help you, we need some more info about your network.

>> Best regards

>>

>> Meinolf Weber

>> Disclaimer: This posting is provided "AS IS" with no warranties, and

>> confers

>> no rights.

>> ** Please do NOT email, only reply to Newsgroups

>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>>> Here's the problem...

>>>

>>> One of our installations is having what appears to be intermittent

>>> problems with internet surfing download speeds. We have replaced

>>> the

>>> DSL modem and thoroughly tested all the associated LAN hardware.

>>> The

>>> DSL provider has now responded saying:

>>> "I have taken a further look and it seems that your server (LAN IP:

>>> 192.168.0.2) seems to be using something called "LDAP" which tries

>>> to

>>> verify certain information before allowing your PC to bring up that

>>> webpage. This LDAP in your server is not recognizing certain pages

>>> correctly. I would suggest the following:"

>>> The address x.x.x.2 is, in fact, our windows 2003 server, however I

>>> fail to see how LDAP can interfere with web surfing.

>>> Essentially, this server is isolated (through a NAT router with all

>>> incoming ports closed) from the internet and there is very little

>>> risk of a malware infection.

>>>

>>> The clients on the network are using x.x.x.2 as their DNS server.

>>>

>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

>>> the clients to see a slowdown in browsing?

>>>

> Windows IP Configuration

>

> Host Name . . . . . . . . . . . . : PMCC-S01

> Primary Dns Suffix . . . . . . . : pettymachine.local

> Node Type . . . . . . . . . . . . : Hybrid

> IP Routing Enabled. . . . . . . . : No

> WINS Proxy Enabled. . . . . . . . : No

> DNS Suffix Search List. . . . . . : pettymachine.local

> Ethernet adapter Hamachi:

>

> Connection-specific DNS Suffix . :

> Description . . . . . . . . . . . : Hamachi Network Interface

> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95

> DHCP Enabled. . . . . . . . . . . : Yes

> Autoconfiguration Enabled . . . . : No

> IP Address. . . . . . . . . . . . : 5.42.248.149

> Subnet Mask . . . . . . . . . . . : 255.0.0.0

> Default Gateway . . . . . . . . . :

> DHCP Server . . . . . . . . . . . : 5.0.0.1

> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008

> 4:00:10 PM

> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009

> 4:00:10 PM

> Ethernet adapter Server Local Area Connection:

>

> Connection-specific DNS Suffix . :

> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit

> Ethernet

> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8

> DHCP Enabled. . . . . . . . . . . : No

> IP Address. . . . . . . . . . . . : 192.168.0.2

> Subnet Mask . . . . . . . . . . . : 255.255.255.0

> Default Gateway . . . . . . . . . : 192.168.0.1

> DNS Servers . . . . . . . . . . . : 192.168.0.2

> Primary WINS Server . . . . . . . : 192.168.2.107

> DNS is configured on this server and is pointing to 208.67.222.222 /

> 208.67.220.220 / 192.168.0.2 as name servers.

>

> This is from a windows 2003 PDC. There are four PC's connected to

> this server which are members of the domain and three PC's which look

> to this server for DNS resolution only. As you can see, we are using

> OPEN DNS instead of our ISP's name server. The problem here appears

> to be in bandwidth (slow surfing). While promising a 3.0/384

> connection, DSL Reports' speed tests indicate a 561k / 306k

> connection. If DNS were not correct, we would see DNS errors, not a

> decrease in available bandwidth, correct?

>

> The problem occurs anywhere on the network and appears to be random. I

> did not capture information from a client machine as the problem is on

> both client and server.

>

> The ISP is making two claims:

> 1) there is some failure in LDAP causing the problem. I don't know,

> hence me asking the question.

> 2) someone is downloading music from the server (.0.2). I am the only

> one with access to the server, and I do not believe there to be any

> malware on the server. Further, during one of the slowdowns, I ran a

> netstat. There were only two connections to the internet and both

> were related to 'LOGMEIN.COM', the tool I use for remote support.

> This would never account for 2.5M of bandwidth.

> Thanks

> Randy

Guest ki4zji

Guest ki4zji

Posted
Posted

Re: LDAP and surfing

 

On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> Hello ki4zji,

>

> The DC is multihomed, which is a really bad decision for DC's. Or for what

> is the 5.42.248.149 obtained from a DHCP server?

>

> Also, if you have configured the 208.67.222.222 / 208.67.220.220, where did

> you set them, i can not see them on the output from ipconfig /all?

>

> A DC have the need for an internal DNS server, externals only for name resolution.

> If DNS is not correct configured it can also slow down the network and create

> other strange problems. Even if your bandwith is not that much, shouldn't

> be a big problem with correct DNS settings.

>

> What ip configuration does your clients have, please post an unedited ipconfig

> /all from one of them.

>

> The LDAP entries in the logfile seems for me to come because your server

> and also the clients, i assume, have DNS configuration mismatches.

>

> Best regards

>

> Meinolf Weber

> Disclaimer: This posting is provided "AS IS" with no warranties, and confers

> no rights.

> ** Please do NOT email, only reply to Newsgroups

> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>

> > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

> >> Hello ki4zji,

>

> >> What kind of network setup do you have, please describe more details,

> >> domain

> >> or workgroup? What does have problem, server or client? Please post

> >> an unedited

> >> ipconfig /all form your domai internal server and a client with

> >> problems.

> >> If your LAN internal machines use the ISP's server this is a bad

> >> configuration.

> >> But to help you, we need some more info about your network.

> >> Best regards

>

> >> Meinolf Weber

> >> Disclaimer: This posting is provided "AS IS" with no warranties, and

> >> confers

> >> no rights.

> >> ** Please do NOT email, only reply to Newsgroups

> >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> >>> Here's the problem...

>

> >>> One of our installations is having what appears to be intermittent

> >>> problems with internet surfing download speeds.  We have replaced

> >>> the

> >>> DSL modem and thoroughly tested all the associated LAN hardware.

> >>> The

> >>> DSL provider has now responded saying:

> >>> "I have taken a further look and it seems that your server (LAN IP:

> >>> 192.168.0.2) seems to be using something called "LDAP" which tries

> >>> to

> >>> verify certain information before allowing your PC to bring up that

> >>> webpage. This LDAP in your server is not recognizing certain pages

> >>> correctly. I would suggest the following:"

> >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I

> >>> fail to see how LDAP can interfere with web surfing.

> >>> Essentially, this server is isolated (through a NAT router with all

> >>> incoming ports closed) from the internet and there is very little

> >>> risk of a malware infection.

>

> >>> The clients on the network are using x.x.x.2 as their DNS server.

>

> >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

> >>> the clients to see a slowdown in browsing?

>

> > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

> >> Hello ki4zji,

>

> >> What kind of network setup do you have, please describe more details,

> >> domain

> >> or workgroup? What does have problem, server or client? Please post

> >> an unedited

> >> ipconfig /all form your domai internal server and a client with

> >> problems.

> >> If your LAN internal machines use the ISP's server this is a bad

> >> configuration.

> >> But to help you, we need some more info about your network.

> >> Best regards

>

> >> Meinolf Weber

> >> Disclaimer: This posting is provided "AS IS" with no warranties, and

> >> confers

> >> no rights.

> >> ** Please do NOT email, only reply to Newsgroups

> >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> >>> Here's the problem...

>

> >>> One of our installations is having what appears to be intermittent

> >>> problems with internet surfing download speeds.  We have replaced

> >>> the

> >>> DSL modem and thoroughly tested all the associated LAN hardware.

> >>> The

> >>> DSL provider has now responded saying:

> >>> "I have taken a further look and it seems that your server (LAN IP:

> >>> 192.168.0.2) seems to be using something called "LDAP" which tries

> >>> to

> >>> verify certain information before allowing your PC to bring up that

> >>> webpage. This LDAP in your server is not recognizing certain pages

> >>> correctly. I would suggest the following:"

> >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I

> >>> fail to see how LDAP can interfere with web surfing.

> >>> Essentially, this server is isolated (through a NAT router with all

> >>> incoming ports closed) from the internet and there is very little

> >>> risk of a malware infection.

>

> >>> The clients on the network are using x.x.x.2 as their DNS server.

>

> >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

> >>> the clients to see a slowdown in browsing?

>

> > Windows IP Configuration

>

> > Host Name . . . . . . . . . . . . : PMCC-S01

> > Primary Dns Suffix  . . . . . . . : pettymachine.local

> > Node Type . . . . . . . . . . . . : Hybrid

> > IP Routing Enabled. . . . . . . . : No

> > WINS Proxy Enabled. . . . . . . . : No

> > DNS Suffix Search List. . . . . . : pettymachine.local

> > Ethernet adapter Hamachi:

>

> > Connection-specific DNS Suffix  . :

> > Description . . . . . . . . . . . : Hamachi Network Interface

> > Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95

> > DHCP Enabled. . . . . . . . . . . : Yes

> > Autoconfiguration Enabled . . . . : No

> > IP Address. . . . . . . . . . . . : 5.42.248.149

> > Subnet Mask . . . . . . . . . . . : 255.0.0.0

> > Default Gateway . . . . . . . . . :

> > DHCP Server . . . . . . . . . . . : 5.0.0.1

> > Lease Obtained. . . . . . . . . . : Monday, September 29, 2008

> > 4:00:10 PM

> > Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009

> > 4:00:10 PM

> > Ethernet adapter Server Local Area Connection:

>

> > Connection-specific DNS Suffix  . :

> > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit

> > Ethernet

> > Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8

> > DHCP Enabled. . . . . . . . . . . : No

> > IP Address. . . . . . . . . . . . : 192.168.0.2

> > Subnet Mask . . . . . . . . . . . : 255.255.255.0

> > Default Gateway . . . . . . . . . : 192.168.0.1

> > DNS Servers . . . . . . . . . . . : 192.168.0.2

> > Primary WINS Server . . . . . . . : 192.168.2.107

> > DNS is configured on this server and is pointing to 208.67.222.222 /

> > 208.67.220.220 / 192.168.0.2 as name servers.

>

> > This is from a windows 2003 PDC.  There are four PC's connected to

> > this server which are members of the domain and three PC's which look

> > to this server for DNS resolution only.  As you can see, we are using

> > OPEN DNS instead of our ISP's name server.  The problem here appears

> > to be in bandwidth (slow surfing).  While promising a 3.0/384

> > connection, DSL Reports' speed tests indicate a 561k / 306k

> > connection.  If DNS were not correct, we would see DNS errors, not a

> > decrease in available bandwidth, correct?

>

> > The problem occurs anywhere on the network and appears to be random. I

> > did not capture information from a client machine as the problem is on

> > both client and server.

>

> > The ISP is making two claims:

> > 1) there is some failure in LDAP causing the problem.  I don't know,

> > hence me asking the question.

> > 2) someone is downloading music from the server (.0.2).  I am the only

> > one with access to the server, and I do not believe there to be any

> > malware on the server.  Further, during one of the slowdowns, I ran a

> > netstat.  There were only two connections to the internet and both

> > were related to 'LOGMEIN.COM', the tool I use for remote support.

> > This would never account for 2.5M of bandwidth.

> > Thanks

> > Randy

 

the 5. address is a hamachi vpn address. It is only active

occasionally for support purposes. During this particular problem, it

is not active.

 

here is an IPCONFIG /ALL from one of the client PC's:

Windows 2000 IP Configuration

 

Host Name . . . . . . . . . . . . : LINDA

Primary DNS Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/100 Network

Connection

Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.0.25

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.2

Primary WINS Server . . . . . . . : 192.168.0.1

 

 

 

The addresses for the OPEN DNS servers are entered in accordance with

the instructions at: https://www.opendns.com/smb/start/device/windows-server-2003.

In other words, these servers are included as 'FORWARDERS'.

 

Also, this configuration has worked for some time and has only failed

recently. My suspicion is that there is some failure on the ISP's end

and they do not want to admit it. However, I just want to make sure

that LDAP cannot cause such a slowdown.

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: LDAP and surfing

 

Hello ki4zji,

 

You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it

there.

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

> On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

>> Hello ki4zji,

>>

>> The DC is multihomed, which is a really bad decision for DC's. Or for

>> what is the 5.42.248.149 obtained from a DHCP server?

>>

>> Also, if you have configured the 208.67.222.222 / 208.67.220.220,

>> where did you set them, i can not see them on the output from

>> ipconfig /all?

>>

>> A DC have the need for an internal DNS server, externals only for

>> name resolution.

>> If DNS is not correct configured it can also slow down the network

>> and create

>> other strange problems. Even if your bandwith is not that much,

>> shouldn't

>> be a big problem with correct DNS settings.

>> What ip configuration does your clients have, please post an unedited

>> ipconfig /all from one of them.

>>

>> The LDAP entries in the logfile seems for me to come because your

>> server and also the clients, i assume, have DNS configuration

>> mismatches.

>>

>> Best regards

>>

>> Meinolf Weber

>> Disclaimer: This posting is provided "AS IS" with no warranties, and

>> confers

>> no rights.

>> ** Please do NOT email, only reply to Newsgroups

>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>>>

>>>> Hello ki4zji,

>>>>

>>>> What kind of network setup do you have, please describe more

>>>> details,

>>>> domain

>>>> or workgroup? What does have problem, server or client? Please post

>>>> an unedited

>>>> ipconfig /all form your domai internal server and a client with

>>>> problems.

>>>> If your LAN internal machines use the ISP's server this is a bad

>>>> configuration.

>>>> But to help you, we need some more info about your network.

>>>> Best regards

>>>> Meinolf Weber

>>>> Disclaimer: This posting is provided "AS IS" with no warranties,

>>>> and

>>>> confers

>>>> no rights.

>>>> ** Please do NOT email, only reply to Newsgroups

>>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>>>>> Here's the problem...

>>>>>

>>>>> One of our installations is having what appears to be intermittent

>>>>> problems with internet surfing download speeds. We have replaced

>>>>> the

>>>>> DSL modem and thoroughly tested all the associated LAN hardware.

>>>>> The

>>>>> DSL provider has now responded saying:

>>>>> "I have taken a further look and it seems that your server (LAN

>>>>> IP:

>>>>> 192.168.0.2) seems to be using something called "LDAP" which tries

>>>>> to

>>>>> verify certain information before allowing your PC to bring up

>>>>> that

>>>>> webpage. This LDAP in your server is not recognizing certain pages

>>>>> correctly. I would suggest the following:"

>>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however

>>>>> I

>>>>> fail to see how LDAP can interfere with web surfing.

>>>>> Essentially, this server is isolated (through a NAT router with

>>>>> all

>>>>> incoming ports closed) from the internet and there is very little

>>>>> risk of a malware infection.

>>>>> The clients on the network are using x.x.x.2 as their DNS server.

>>>>>

>>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

>>>>> the clients to see a slowdown in browsing?

>>>>>

>>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>>>

>>>> Hello ki4zji,

>>>>

>>>> What kind of network setup do you have, please describe more

>>>> details,

>>>> domain

>>>> or workgroup? What does have problem, server or client? Please post

>>>> an unedited

>>>> ipconfig /all form your domai internal server and a client with

>>>> problems.

>>>> If your LAN internal machines use the ISP's server this is a bad

>>>> configuration.

>>>> But to help you, we need some more info about your network.

>>>> Best regards

>>>> Meinolf Weber

>>>> Disclaimer: This posting is provided "AS IS" with no warranties,

>>>> and

>>>> confers

>>>> no rights.

>>>> ** Please do NOT email, only reply to Newsgroups

>>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>>>>> Here's the problem...

>>>>>

>>>>> One of our installations is having what appears to be intermittent

>>>>> problems with internet surfing download speeds. We have replaced

>>>>> the

>>>>> DSL modem and thoroughly tested all the associated LAN hardware.

>>>>> The

>>>>> DSL provider has now responded saying:

>>>>> "I have taken a further look and it seems that your server (LAN

>>>>> IP:

>>>>> 192.168.0.2) seems to be using something called "LDAP" which tries

>>>>> to

>>>>> verify certain information before allowing your PC to bring up

>>>>> that

>>>>> webpage. This LDAP in your server is not recognizing certain pages

>>>>> correctly. I would suggest the following:"

>>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however

>>>>> I

>>>>> fail to see how LDAP can interfere with web surfing.

>>>>> Essentially, this server is isolated (through a NAT router with

>>>>> all

>>>>> incoming ports closed) from the internet and there is very little

>>>>> risk of a malware infection.

>>>>> The clients on the network are using x.x.x.2 as their DNS server.

>>>>>

>>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

>>>>> the clients to see a slowdown in browsing?

>>>>>

>>> Windows IP Configuration

>>>

>>> Host Name . . . . . . . . . . . . : PMCC-S01

>>> Primary Dns Suffix . . . . . . . : pettymachine.local

>>> Node Type . . . . . . . . . . . . : Hybrid

>>> IP Routing Enabled. . . . . . . . : No

>>> WINS Proxy Enabled. . . . . . . . : No

>>> DNS Suffix Search List. . . . . . : pettymachine.local

>>> Ethernet adapter Hamachi:

>>> Connection-specific DNS Suffix . :

>>> Description . . . . . . . . . . . : Hamachi Network Interface

>>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95

>>> DHCP Enabled. . . . . . . . . . . : Yes

>>> Autoconfiguration Enabled . . . . : No

>>> IP Address. . . . . . . . . . . . : 5.42.248.149

>>> Subnet Mask . . . . . . . . . . . : 255.0.0.0

>>> Default Gateway . . . . . . . . . :

>>> DHCP Server . . . . . . . . . . . : 5.0.0.1

>>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008

>>> 4:00:10 PM

>>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009

>>> 4:00:10 PM

>>> Ethernet adapter Server Local Area Connection:

>>> Connection-specific DNS Suffix . :

>>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit

>>> Ethernet

>>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8

>>> DHCP Enabled. . . . . . . . . . . : No

>>> IP Address. . . . . . . . . . . . : 192.168.0.2

>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0

>>> Default Gateway . . . . . . . . . : 192.168.0.1

>>> DNS Servers . . . . . . . . . . . : 192.168.0.2

>>> Primary WINS Server . . . . . . . : 192.168.2.107

>>> DNS is configured on this server and is pointing to 208.67.222.222 /

>>> 208.67.220.220 / 192.168.0.2 as name servers.

>>> This is from a windows 2003 PDC. There are four PC's connected to

>>> this server which are members of the domain and three PC's which

>>> look to this server for DNS resolution only. As you can see, we are

>>> using OPEN DNS instead of our ISP's name server. The problem here

>>> appears to be in bandwidth (slow surfing). While promising a

>>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k

>>> connection. If DNS were not correct, we would see DNS errors, not a

>>> decrease in available bandwidth, correct?

>>>

>>> The problem occurs anywhere on the network and appears to be random.

>>> I did not capture information from a client machine as the problem

>>> is on both client and server.

>>>

>>> The ISP is making two claims:

>>> 1) there is some failure in LDAP causing the problem. I don't know,

>>> hence me asking the question.

>>> 2) someone is downloading music from the server (.0.2). I am the

>>> only

>>> one with access to the server, and I do not believe there to be any

>>> malware on the server. Further, during one of the slowdowns, I ran

>>> a

>>> netstat. There were only two connections to the internet and both

>>> were related to 'LOGMEIN.COM', the tool I use for remote support.

>>> This would never account for 2.5M of bandwidth.

>>> Thanks

>>> Randy

> the 5. address is a hamachi vpn address. It is only active

> occasionally for support purposes. During this particular problem, it

> is not active.

>

> here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP

> Configuration

>

> Host Name . . . . . . . . . . . . : LINDA

> Primary DNS Suffix . . . . . . . :

> Node Type . . . . . . . . . . . . : Hybrid

> IP Routing Enabled. . . . . . . . : No

> WINS Proxy Enabled. . . . . . . . : No

> Ethernet adapter Local Area Connection:

>

> Connection-specific DNS Suffix . :

> Description . . . . . . . . . . . : Intel® PRO/100 Network

> Connection

> Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B

> DHCP Enabled. . . . . . . . . . . : No

> IP Address. . . . . . . . . . . . : 192.168.0.25

> Subnet Mask . . . . . . . . . . . : 255.255.255.0

> Default Gateway . . . . . . . . . : 192.168.0.1

> DNS Servers . . . . . . . . . . . : 192.168.0.2

> Primary WINS Server . . . . . . . : 192.168.0.1

> The addresses for the OPEN DNS servers are entered in accordance with

> the instructions at:

> https://www.opendns.com/smb/start/device/windows-server-2003.

> In other words, these servers are included as 'FORWARDERS'.

> Also, this configuration has worked for some time and has only failed

> recently. My suspicion is that there is some failure on the ISP's end

> and they do not want to admit it. However, I just want to make sure

> that LDAP cannot cause such a slowdown.

>

Guest ki4zji

Guest ki4zji

Posted
Posted

Re: LDAP and surfing

 

On Sep 29, 5:50 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> Hello ki4zji,

>

> You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it

> there.

>

> Best regards

>

> Meinolf Weber

> Disclaimer: This posting is provided "AS IS" with no warranties, and confers

> no rights.

> ** Please do NOT email, only reply to Newsgroups

> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

>

> > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

> >> Hello ki4zji,

>

> >> The DC is multihomed, which is a really bad decision for DC's. Or for

> >> what is the 5.42.248.149 obtained from a DHCP server?

>

> >> Also, if you have configured the 208.67.222.222 / 208.67.220.220,

> >> where did you set them, i can not see them on the output from

> >> ipconfig /all?

>

> >> A DC have the need for an internal DNS server, externals only for

> >> name resolution.

> >> If DNS is not correct configured it can also slow down the network

> >> and create

> >> other strange problems. Even if your bandwith is not that much,

> >> shouldn't

> >> be a big problem with correct DNS settings.

> >> What ip configuration does your clients have, please post an unedited

> >> ipconfig /all from one of them.

>

> >> The LDAP entries in the logfile seems for me to come because your

> >> server and also the clients, i assume, have DNS configuration

> >> mismatches.

>

> >> Best regards

>

> >> Meinolf Weber

> >> Disclaimer: This posting is provided "AS IS" with no warranties, and

> >> confers

> >> no rights.

> >> ** Please do NOT email, only reply to Newsgroups

> >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

> >>>> Hello ki4zji,

>

> >>>> What kind of network setup do you have, please describe more

> >>>> details,

> >>>> domain

> >>>> or workgroup? What does have problem, server or client? Please post

> >>>> an unedited

> >>>> ipconfig /all form your domai internal server and a client with

> >>>> problems.

> >>>> If your LAN internal machines use the ISP's server this is a bad

> >>>> configuration.

> >>>> But to help you, we need some more info about your network.

> >>>> Best regards

> >>>> Meinolf Weber

> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,

> >>>> and

> >>>> confers

> >>>> no rights.

> >>>> ** Please do NOT email, only reply to Newsgroups

> >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> >>>>> Here's the problem...

>

> >>>>> One of our installations is having what appears to be intermittent

> >>>>> problems with internet surfing download speeds.  We have replaced

> >>>>> the

> >>>>> DSL modem and thoroughly tested all the associated LAN hardware.

> >>>>> The

> >>>>> DSL provider has now responded saying:

> >>>>> "I have taken a further look and it seems that your server (LAN

> >>>>> IP:

> >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries

> >>>>> to

> >>>>> verify certain information before allowing your PC to bring up

> >>>>> that

> >>>>> webpage. This LDAP in your server is not recognizing certain pages

> >>>>> correctly. I would suggest the following:"

> >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however

> >>>>> I

> >>>>> fail to see how LDAP can interfere with web surfing.

> >>>>> Essentially, this server is isolated (through a NAT router with

> >>>>> all

> >>>>> incoming ports closed) from the internet and there is very little

> >>>>> risk of a malware infection.

> >>>>> The clients on the network are using x.x.x.2 as their DNS server.

>

> >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

> >>>>> the clients to see a slowdown in browsing?

>

> >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

>

> >>>> Hello ki4zji,

>

> >>>> What kind of network setup do you have, please describe more

> >>>> details,

> >>>> domain

> >>>> or workgroup? What does have problem, server or client? Please post

> >>>> an unedited

> >>>> ipconfig /all form your domai internal server and a client with

> >>>> problems.

> >>>> If your LAN internal machines use the ISP's server this is a bad

> >>>> configuration.

> >>>> But to help you, we need some more info about your network.

> >>>> Best regards

> >>>> Meinolf Weber

> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,

> >>>> and

> >>>> confers

> >>>> no rights.

> >>>> ** Please do NOT email, only reply to Newsgroups

> >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> >>>>> Here's the problem...

>

> >>>>> One of our installations is having what appears to be intermittent

> >>>>> problems with internet surfing download speeds.  We have replaced

> >>>>> the

> >>>>> DSL modem and thoroughly tested all the associated LAN hardware.

> >>>>> The

> >>>>> DSL provider has now responded saying:

> >>>>> "I have taken a further look and it seems that your server (LAN

> >>>>> IP:

> >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries

> >>>>> to

> >>>>> verify certain information before allowing your PC to bring up

> >>>>> that

> >>>>> webpage. This LDAP in your server is not recognizing certain pages

> >>>>> correctly. I would suggest the following:"

> >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however

> >>>>> I

> >>>>> fail to see how LDAP can interfere with web surfing.

> >>>>> Essentially, this server is isolated (through a NAT router with

> >>>>> all

> >>>>> incoming ports closed) from the internet and there is very little

> >>>>> risk of a malware infection.

> >>>>> The clients on the network are using x.x.x.2 as their DNS server.

>

> >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

> >>>>> the clients to see a slowdown in browsing?

>

> >>> Windows IP Configuration

>

> >>> Host Name . . . . . . . . . . . . : PMCC-S01

> >>> Primary Dns Suffix  . . . . . . . : pettymachine.local

> >>> Node Type . . . . . . . . . . . . : Hybrid

> >>> IP Routing Enabled. . . . . . . . : No

> >>> WINS Proxy Enabled. . . . . . . . : No

> >>> DNS Suffix Search List. . . . . . : pettymachine.local

> >>> Ethernet adapter Hamachi:

> >>> Connection-specific DNS Suffix  . :

> >>> Description . . . . . . . . . . . : Hamachi Network Interface

> >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95

> >>> DHCP Enabled. . . . . . . . . . . : Yes

> >>> Autoconfiguration Enabled . . . . : No

> >>> IP Address. . . . . . . . . . . . : 5.42.248.149

> >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0

> >>> Default Gateway . . . . . . . . . :

> >>> DHCP Server . . . . . . . . . . . : 5.0.0.1

> >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008

> >>> 4:00:10 PM

> >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009

> >>> 4:00:10 PM

> >>> Ethernet adapter Server Local Area Connection:

> >>> Connection-specific DNS Suffix  . :

> >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit

> >>> Ethernet

> >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8

> >>> DHCP Enabled. . . . . . . . . . . : No

> >>> IP Address. . . . . . . . . . . . : 192.168.0.2

> >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0

> >>> Default Gateway . . . . . . . . . : 192.168.0.1

> >>> DNS Servers . . . . . . . . . . . : 192.168.0.2

> >>> Primary WINS Server . . . . . . . : 192.168.2.107

> >>> DNS is configured on this server and is pointing to 208.67.222.222 /

> >>> 208.67.220.220 / 192.168.0.2 as name servers.

> >>> This is from a windows 2003 PDC.  There are four PC's connected to

> >>> this server which are members of the domain and three PC's which

> >>> look to this server for DNS resolution only.  As you can see, we are

> >>> using OPEN DNS instead of our ISP's name server.  The problem here

> >>> appears to be in bandwidth (slow surfing).  While promising a

> >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k

> >>> connection.  If DNS were not correct, we would see DNS errors, not a

> >>> decrease in available bandwidth, correct?

>

> >>> The problem occurs anywhere on the network and appears to be random.

> >>> I did not capture information from a client machine as the problem

> >>> is on both client and server.

>

> >>> The ISP is making two claims:

> >>> 1) there is some failure in LDAP causing the problem.  I don't know,

> >>> hence me asking the question.

> >>> 2) someone is downloading music from the server (.0.2).  I am the

> >>> only

> >>> one with access to the server, and I do not believe there to be any

> >>> malware on the server.  Further, during one of the slowdowns, I ran

> >>> a

> >>> netstat.  There were only two connections to the internet and both

> >>> were related to 'LOGMEIN.COM', the tool I use for remote support.

> >>> This would never account for 2.5M of bandwidth.

> >>> Thanks

> >>> Randy

> > the 5. address is a hamachi vpn address.  It is only active

> > occasionally for support purposes.  During this particular problem, it

> > is not active.

>

> > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP

> > Configuration

>

> > Host Name . . . . . . . . . . . . : LINDA

> > Primary DNS Suffix  . . . . . . . :

> > Node Type . . . . . . . . . . . . : Hybrid

> > IP Routing Enabled. . . . . . . . : No

> > WINS Proxy Enabled. . . . . . . . : No

> > Ethernet adapter Local Area Connection:

>

> > Connection-specific DNS Suffix  . :

> > Description . . . . . . . . . . . : Intel® PRO/100 Network

> > Connection

> > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B

> > DHCP Enabled. . . . . . . . . . . : No

> > IP Address. . . . . . . . . . . . : 192.168.0.25

> > Subnet Mask . . . . . . . . . . . : 255.255.255.0

> > Default Gateway . . . . . . . . . : 192.168.0.1

> > DNS Servers . . . . . . . . . . . : 192.168.0.2

> > Primary WINS Server . . . . . . . : 192.168.0.1

> > The addresses for the OPEN DNS servers are entered in accordance with

> > the instructions at:

> >https://www.opendns.com/smb/start/device/windows-server-2003.

> > In other words, these servers are included as 'FORWARDERS'.

> > Also, this configuration has worked for some time and has only failed

> > recently.  My suspicion is that there is some failure on the ISP's end

> > and they do not want to admit it.  However, I just want to make sure

> > that LDAP cannot cause such a slowdown.

 

my apologies ... x.x.x.2 is not included in the forwarders tab.

Guest Sven-D

Guest Sven-D

Posted
Posted

Re: LDAP and surfing

 

From the ipconfig from the client, I can see you are missing a primary dns

suffix.

 

 

"ki4zji" wrote:

> On Sep 29, 5:50 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> > Hello ki4zji,

> >

> > You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it

> > there.

> >

> > Best regards

> >

> > Meinolf Weber

> > Disclaimer: This posting is provided "AS IS" with no warranties, and confers

> > no rights.

> > ** Please do NOT email, only reply to Newsgroups

> > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> >

> > > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> >

> > >> Hello ki4zji,

> >

> > >> The DC is multihomed, which is a really bad decision for DC's. Or for

> > >> what is the 5.42.248.149 obtained from a DHCP server?

> >

> > >> Also, if you have configured the 208.67.222.222 / 208.67.220.220,

> > >> where did you set them, i can not see them on the output from

> > >> ipconfig /all?

> >

> > >> A DC have the need for an internal DNS server, externals only for

> > >> name resolution.

> > >> If DNS is not correct configured it can also slow down the network

> > >> and create

> > >> other strange problems. Even if your bandwith is not that much,

> > >> shouldn't

> > >> be a big problem with correct DNS settings.

> > >> What ip configuration does your clients have, please post an unedited

> > >> ipconfig /all from one of them.

> >

> > >> The LDAP entries in the logfile seems for me to come because your

> > >> server and also the clients, i assume, have DNS configuration

> > >> mismatches.

> >

> > >> Best regards

> >

> > >> Meinolf Weber

> > >> Disclaimer: This posting is provided "AS IS" with no warranties, and

> > >> confers

> > >> no rights.

> > >> ** Please do NOT email, only reply to Newsgroups

> > >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> >

> > >>>> Hello ki4zji,

> >

> > >>>> What kind of network setup do you have, please describe more

> > >>>> details,

> > >>>> domain

> > >>>> or workgroup? What does have problem, server or client? Please post

> > >>>> an unedited

> > >>>> ipconfig /all form your domai internal server and a client with

> > >>>> problems.

> > >>>> If your LAN internal machines use the ISP's server this is a bad

> > >>>> configuration.

> > >>>> But to help you, we need some more info about your network.

> > >>>> Best regards

> > >>>> Meinolf Weber

> > >>>> Disclaimer: This posting is provided "AS IS" with no warranties,

> > >>>> and

> > >>>> confers

> > >>>> no rights.

> > >>>> ** Please do NOT email, only reply to Newsgroups

> > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> > >>>>> Here's the problem...

> >

> > >>>>> One of our installations is having what appears to be intermittent

> > >>>>> problems with internet surfing download speeds. We have replaced

> > >>>>> the

> > >>>>> DSL modem and thoroughly tested all the associated LAN hardware.

> > >>>>> The

> > >>>>> DSL provider has now responded saying:

> > >>>>> "I have taken a further look and it seems that your server (LAN

> > >>>>> IP:

> > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries

> > >>>>> to

> > >>>>> verify certain information before allowing your PC to bring up

> > >>>>> that

> > >>>>> webpage. This LDAP in your server is not recognizing certain pages

> > >>>>> correctly. I would suggest the following:"

> > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however

> > >>>>> I

> > >>>>> fail to see how LDAP can interfere with web surfing.

> > >>>>> Essentially, this server is isolated (through a NAT router with

> > >>>>> all

> > >>>>> incoming ports closed) from the internet and there is very little

> > >>>>> risk of a malware infection.

> > >>>>> The clients on the network are using x.x.x.2 as their DNS server.

> >

> > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

> > >>>>> the clients to see a slowdown in browsing?

> >

> > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:

> >

> > >>>> Hello ki4zji,

> >

> > >>>> What kind of network setup do you have, please describe more

> > >>>> details,

> > >>>> domain

> > >>>> or workgroup? What does have problem, server or client? Please post

> > >>>> an unedited

> > >>>> ipconfig /all form your domai internal server and a client with

> > >>>> problems.

> > >>>> If your LAN internal machines use the ISP's server this is a bad

> > >>>> configuration.

> > >>>> But to help you, we need some more info about your network.

> > >>>> Best regards

> > >>>> Meinolf Weber

> > >>>> Disclaimer: This posting is provided "AS IS" with no warranties,

> > >>>> and

> > >>>> confers

> > >>>> no rights.

> > >>>> ** Please do NOT email, only reply to Newsgroups

> > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm

> > >>>>> Here's the problem...

> >

> > >>>>> One of our installations is having what appears to be intermittent

> > >>>>> problems with internet surfing download speeds. We have replaced

> > >>>>> the

> > >>>>> DSL modem and thoroughly tested all the associated LAN hardware.

> > >>>>> The

> > >>>>> DSL provider has now responded saying:

> > >>>>> "I have taken a further look and it seems that your server (LAN

> > >>>>> IP:

> > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries

> > >>>>> to

> > >>>>> verify certain information before allowing your PC to bring up

> > >>>>> that

> > >>>>> webpage. This LDAP in your server is not recognizing certain pages

> > >>>>> correctly. I would suggest the following:"

> > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however

> > >>>>> I

> > >>>>> fail to see how LDAP can interfere with web surfing.

> > >>>>> Essentially, this server is isolated (through a NAT router with

> > >>>>> all

> > >>>>> incoming ports closed) from the internet and there is very little

> > >>>>> risk of a malware infection.

> > >>>>> The clients on the network are using x.x.x.2 as their DNS server.

> >

> > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause

> > >>>>> the clients to see a slowdown in browsing?

> >

> > >>> Windows IP Configuration

> >

> > >>> Host Name . . . . . . . . . . . . : PMCC-S01

> > >>> Primary Dns Suffix . . . . . . . : pettymachine.local

> > >>> Node Type . . . . . . . . . . . . : Hybrid

> > >>> IP Routing Enabled. . . . . . . . : No

> > >>> WINS Proxy Enabled. . . . . . . . : No

> > >>> DNS Suffix Search List. . . . . . : pettymachine.local

> > >>> Ethernet adapter Hamachi:

> > >>> Connection-specific DNS Suffix . :

> > >>> Description . . . . . . . . . . . : Hamachi Network Interface

> > >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95

> > >>> DHCP Enabled. . . . . . . . . . . : Yes

> > >>> Autoconfiguration Enabled . . . . : No

> > >>> IP Address. . . . . . . . . . . . : 5.42.248.149

> > >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0

> > >>> Default Gateway . . . . . . . . . :

> > >>> DHCP Server . . . . . . . . . . . : 5.0.0.1

> > >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008

> > >>> 4:00:10 PM

> > >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009

> > >>> 4:00:10 PM

> > >>> Ethernet adapter Server Local Area Connection:

> > >>> Connection-specific DNS Suffix . :

> > >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit

> > >>> Ethernet

> > >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8

> > >>> DHCP Enabled. . . . . . . . . . . : No

> > >>> IP Address. . . . . . . . . . . . : 192.168.0.2

> > >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0

> > >>> Default Gateway . . . . . . . . . : 192.168.0.1

> > >>> DNS Servers . . . . . . . . . . . : 192.168.0.2

> > >>> Primary WINS Server . . . . . . . : 192.168.2.107

> > >>> DNS is configured on this server and is pointing to 208.67.222.222 /

> > >>> 208.67.220.220 / 192.168.0.2 as name servers.

> > >>> This is from a windows 2003 PDC. There are four PC's connected to

> > >>> this server which are members of the domain and three PC's which

> > >>> look to this server for DNS resolution only. As you can see, we are

> > >>> using OPEN DNS instead of our ISP's name server. The problem here

> > >>> appears to be in bandwidth (slow surfing). While promising a

> > >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k

> > >>> connection. If DNS were not correct, we would see DNS errors, not a

> > >>> decrease in available bandwidth, correct?

> >

> > >>> The problem occurs anywhere on the network and appears to be random.

> > >>> I did not capture information from a client machine as the problem

> > >>> is on both client and server.

> >

> > >>> The ISP is making two claims:

> > >>> 1) there is some failure in LDAP causing the problem. I don't know,

> > >>> hence me asking the question.

> > >>> 2) someone is downloading music from the server (.0.2). I am the

> > >>> only

> > >>> one with access to the server, and I do not believe there to be any

> > >>> malware on the server. Further, during one of the slowdowns, I ran

> > >>> a

> > >>> netstat. There were only two connections to the internet and both

> > >>> were related to 'LOGMEIN.COM', the tool I use for remote support.

> > >>> This would never account for 2.5M of bandwidth.

> > >>> Thanks

> > >>> Randy

> > > the 5. address is a hamachi vpn address. It is only active

> > > occasionally for support purposes. During this particular problem, it

> > > is not active.

> >

> > > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP

> > > Configuration

> >

> > > Host Name . . . . . . . . . . . . : LINDA

> > > Primary DNS Suffix . . . . . . . :

> > > Node Type . . . . . . . . . . . . : Hybrid

> > > IP Routing Enabled. . . . . . . . : No

> > > WINS Proxy Enabled. . . . . . . . : No

> > > Ethernet adapter Local Area Connection:

> >

> > > Connection-specific DNS Suffix . :

> > > Description . . . . . . . . . . . : Intel® PRO/100 Network

> > > Connection

> > > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B

> > > DHCP Enabled. . . . . . . . . . . : No

> > > IP Address. . . . . . . . . . . . : 192.168.0.25

> > > Subnet Mask . . . . . . . . . . . : 255.255.255.0

> > > Default Gateway . . . . . . . . . : 192.168.0.1

> > > DNS Servers . . . . . . . . . . . : 192.168.0.2

> > > Primary WINS Server . . . . . . . : 192.168.0.1

> > > The addresses for the OPEN DNS servers are entered in accordance with

> > > the instructions at:

> > >https://www.opendns.com/smb/start/device/windows-server-2003.

> > > In other words, these servers are included as 'FORWARDERS'.

> > > Also, this configuration has worked for some time and has only failed

> > > recently. My suspicion is that there is some failure on the ISP's end

> > > and they do not want to admit it. However, I just want to make sure

> > > that LDAP cannot cause such a slowdown.

>

> my apologies ... x.x.x.2 is not included in the forwarders tab.

>

>

 Share
Go to topic listing
×
×
  • Create New...