Guest ki4zji Posted September 29, 2008 Posted September 29, 2008 Here's the problem... One of our installations is having what appears to be intermittent problems with internet surfing download speeds. We have replaced the DSL modem and thoroughly tested all the associated LAN hardware. The DSL provider has now responded saying: "I have taken a further look and it seems that your server (LAN IP: 192.168.0.2) seems to be using something called "LDAP" which tries to verify certain information before allowing your PC to bring up that webpage. This LDAP in your server is not recognizing certain pages correctly. I would suggest the following:" The address x.x.x.2 is, in fact, our windows 2003 server, however I fail to see how LDAP can interfere with web surfing. Essentially, this server is isolated (through a NAT router with all incoming ports closed) from the internet and there is very little risk of a malware infection. The clients on the network are using x.x.x.2 as their DNS server. Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the clients to see a slowdown in browsing?
Guest Meinolf Weber Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing Hello ki4zji, What kind of network setup do you have, please describe more details, domain or workgroup? What does have problem, server or client? Please post an unedited ipconfig /all form your domai internal server and a client with problems. If your LAN internal machines use the ISP's server this is a bad configuration. But to help you, we need some more info about your network. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > Here's the problem... > > One of our installations is having what appears to be intermittent > problems with internet surfing download speeds. We have replaced the > DSL modem and thoroughly tested all the associated LAN hardware. The > DSL provider has now responded saying: > "I have taken a further look and it seems that your server (LAN IP: > 192.168.0.2) seems to be using something called "LDAP" which tries to > verify certain information before allowing your PC to bring up that > webpage. This LDAP in your server is not recognizing certain pages > correctly. I would suggest the following:" > The address x.x.x.2 is, in fact, our windows 2003 server, however I > fail to see how LDAP can interfere with web surfing. > > Essentially, this server is isolated (through a NAT router with all > incoming ports closed) from the internet and there is very little risk > of a malware infection. > > The clients on the network are using x.x.x.2 as their DNS server. > > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the > clients to see a slowdown in browsing? >
Guest ki4zji Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > Hello ki4zji, > > What kind of network setup do you have, please describe more details, domain > or workgroup? What does have problem, server or client? Please post an unedited > ipconfig /all form your domai internal server and a client with problems. > If your LAN internal machines use the ISP's server this is a bad configuration. > But to help you, we need some more info about your network. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > > Here's the problem... > > > One of our installations is having what appears to be intermittent > > problems with internet surfing download speeds. We have replaced the > > DSL modem and thoroughly tested all the associated LAN hardware. The > > DSL provider has now responded saying: > > "I have taken a further look and it seems that your server (LAN IP: > > 192.168.0.2) seems to be using something called "LDAP" which tries to > > verify certain information before allowing your PC to bring up that > > webpage. This LDAP in your server is not recognizing certain pages > > correctly. I would suggest the following:" > > The address x.x.x.2 is, in fact, our windows 2003 server, however I > > fail to see how LDAP can interfere with web surfing. > > > Essentially, this server is isolated (through a NAT router with all > > incoming ports closed) from the internet and there is very little risk > > of a malware infection. > > > The clients on the network are using x.x.x.2 as their DNS server. > > > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the > > clients to see a slowdown in browsing? On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > Hello ki4zji, > > What kind of network setup do you have, please describe more details, domain > or workgroup? What does have problem, server or client? Please post an unedited > ipconfig /all form your domai internal server and a client with problems. > If your LAN internal machines use the ISP's server this is a bad configuration. > But to help you, we need some more info about your network. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > > Here's the problem... > > > One of our installations is having what appears to be intermittent > > problems with internet surfing download speeds. We have replaced the > > DSL modem and thoroughly tested all the associated LAN hardware. The > > DSL provider has now responded saying: > > "I have taken a further look and it seems that your server (LAN IP: > > 192.168.0.2) seems to be using something called "LDAP" which tries to > > verify certain information before allowing your PC to bring up that > > webpage. This LDAP in your server is not recognizing certain pages > > correctly. I would suggest the following:" > > The address x.x.x.2 is, in fact, our windows 2003 server, however I > > fail to see how LDAP can interfere with web surfing. > > > Essentially, this server is isolated (through a NAT router with all > > incoming ports closed) from the internet and there is very little risk > > of a malware infection. > > > The clients on the network are using x.x.x.2 as their DNS server. > > > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the > > clients to see a slowdown in browsing? Windows IP Configuration Host Name . . . . . . . . . . . . : PMCC-S01 Primary Dns Suffix . . . . . . . : pettymachine.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : pettymachine.local Ethernet adapter Hamachi: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Hamachi Network Interface Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : No IP Address. . . . . . . . . . . . : 5.42.248.149 Subnet Mask . . . . . . . . . . . : 255.0.0.0 Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 5.0.0.1 Lease Obtained. . . . . . . . . . : Monday, September 29, 2008 4:00:10 PM Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009 4:00:10 PM Ethernet adapter Server Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 Primary WINS Server . . . . . . . : 192.168.2.107 DNS is configured on this server and is pointing to 208.67.222.222 / 208.67.220.220 / 192.168.0.2 as name servers. This is from a windows 2003 PDC. There are four PC's connected to this server which are members of the domain and three PC's which look to this server for DNS resolution only. As you can see, we are using OPEN DNS instead of our ISP's name server. The problem here appears to be in bandwidth (slow surfing). While promising a 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k connection. If DNS were not correct, we would see DNS errors, not a decrease in available bandwidth, correct? The problem occurs anywhere on the network and appears to be random. I did not capture information from a client machine as the problem is on both client and server. The ISP is making two claims: 1) there is some failure in LDAP causing the problem. I don't know, hence me asking the question. 2) someone is downloading music from the server (.0.2). I am the only one with access to the server, and I do not believe there to be any malware on the server. Further, during one of the slowdowns, I ran a netstat. There were only two connections to the internet and both were related to 'LOGMEIN.COM', the tool I use for remote support. This would never account for 2.5M of bandwidth. Thanks Randy
Guest ki4zji Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing If it helps, the ISP has also provided a SYSLOG: 139:44:02 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 139:44:02 Elapsed Time syslog: failed dns request len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC- S01.pettymachine.local 139:46:33 Elapsed Time syslog: failed dns request len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid 139:46:33 Elapsed Time syslog: failed dns request len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid 139:48:28 Elapsed Time syslog: failed dns request len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid 139:54:01 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 139:54:27 Elapsed Time syslog: failed dns request len=73,srcip=208.67.222.222, url=PMCC-S01.pettymachine.local 139:54:28 Elapsed Time syslog: failed dns request len=64,srcip=208.67.222.222, url=pettymachine.local 139:54:28 Elapsed Time syslog: failed dns request len=64,srcip=208.67.220.220, url=pettymachine.local 139:54:28 Elapsed Time syslog: failed dns request len=51,srcip=208.67.222.222, url=local 139:54:29 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=2.0.168.192.in-addr.arpa 139:54:30 Elapsed Time syslog: failed dns request len=68,srcip=208.67.222.222, url=0.168.192.in-addr.arpa 139:54:30 Elapsed Time syslog: failed dns request len=68,srcip=208.67.220.220, url=0.168.192.in-addr.arpa 139:59:02 Elapsed Time syslog: failed dns request len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local 140:00:00 Elapsed Time -- MARK -- 140:04:02 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 140:04:03 Elapsed Time syslog: failed dns request len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC- S01.pettymachine.local 140:09:02 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 140:10:14 Elapsed Time udhcpd: SENDING ACK to larry 140:10:14 Elapsed Time udhcpd: sending ACK to 192.168.0.100 140:10:14 Elapsed Time udhcpd: ADD 00:1e:90:39:c3:10 192.168.0.100 86400l larry 140:10:21 Elapsed Time syslog: failed dns request len=89,srcip=208.67.222.222, url=_ldap._tcp.dc._msdcs.domain_not_set.invalid 140:10:23 Elapsed Time syslog: failed dns request len=89,srcip=208.67.222.222, url=_ldap._tcp.dc._msdcs.domain_not_set.invalid 140:12:14 Elapsed Time udhcpd: SENDING ACK to larry 140:12:14 Elapsed Time udhcpd: sending ACK to 192.168.0.100 140:12:14 Elapsed Time udhcpd: ADD 00:1e:90:39:c3:10 192.168.0.100 86400l larry 140:18:06 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local 140:18:07 Elapsed Time syslog: failed dns request len=70,srcip=208.67.220.220, url=LINDA.pettymachine.local 140:19:01 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 140:19:01 Elapsed Time syslog: failed dns request len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local 140:20:00 Elapsed Time -- MARK -- 140:20:29 Elapsed Time syslog: failed dns request len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid 140:21:53 Elapsed Time syslog: failed dns request len=69,srcip=208.67.222.222, url=wpad.pettymachine.local 140:24:01 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 140:26:15 Elapsed Time syslog: failed dns request len=50,srcip=208.67.222.222, url=wpad 140:38:06 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local 140:39:01 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 140:39:03 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 140:39:03 Elapsed Time syslog: failed dns request len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC- S01.pettymachine.local 140:39:03 Elapsed Time syslog: failed dns request len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local 140:40:00 Elapsed Time -- MARK -- 140:41:49 Elapsed Time syslog: failed dns request len=50,srcip=208.67.222.222, url=wpad 140:52:30 Elapsed Time syslog: failed dns request len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid 140:54:32 Elapsed Time syslog: failed dns request len=73,srcip=208.67.222.222, url=PMCC-S01.pettymachine.local 140:54:32 Elapsed Time syslog: failed dns request len=73,srcip=208.67.220.220, url=PMCC-S01.pettymachine.local 140:54:32 Elapsed Time syslog: failed dns request len=64,srcip=208.67.222.222, url=pettymachine.local 140:54:32 Elapsed Time syslog: failed dns request len=51,srcip=208.67.222.222, url=local 140:54:32 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=2.0.168.192.in-addr.arpa 140:54:32 Elapsed Time syslog: failed dns request len=68,srcip=208.67.222.222, url=0.168.192.in-addr.arpa 140:56:08 Elapsed Time syslog: failed dns request len=148,srcip=4.2.2.2, url=wpad.domain_not_set.invalid 140:57:50 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local 140:59:01 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 140:59:01 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 140:59:01 Elapsed Time syslog: failed dns request len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local 141:00:00 Elapsed Time -- MARK -- 141:12:59 Elapsed Time syslog: failed dns request len=50,srcip=208.67.222.222, url=wpad 141:14:01 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 141:14:01 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 141:14:01 Elapsed Time syslog: failed dns request len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local 141:15:35 Elapsed Time syslog: failed dns request len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid 141:15:36 Elapsed Time syslog: failed dns request len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid 141:20:00 Elapsed Time -- MARK -- 141:20:52 Elapsed Time syslog: failed dns request len=69,srcip=208.67.222.222, url=wpad.pettymachine.local 141:24:31 Elapsed Time syslog: failed dns request len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid 141:28:34 Elapsed Time syslog: failed dns request len=50,srcip=208.67.222.222, url=wpad 141:28:39 Elapsed Time syslog: failed dns request len=69,srcip=208.67.222.222, url=wpad.pettymachine.local 141:28:53 Elapsed Time syslog: failed dns request len=151,srcip=4.2.2.2, url=Flowboy.domain_not_set.invalid 141:29:01 Elapsed Time syslog: failed dns request len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site- Name._sites.PMCC-S01.pettymac 141:29:01 Elapsed Time syslog: failed dns request len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC- S01.pettymachine.local 141:29:02 Elapsed Time syslog: failed dns request len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local 141:29:06 Elapsed Time syslog: failed dns request len=153,srcip=4.2.2.2, url=Cadserver.domain_not_set.invalid 141:31:41 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local 141:31:41 Elapsed Time syslog: failed dns request len=70,srcip=208.67.220.220, url=LINDA.pettymachine.local 141:32:00 Elapsed Time syslog: failed dns request len=71,srcip=208.67.222.222, url=25.206.253.5.in-addr.arpa 141:32:06 Elapsed Time syslog: failed dns request len=71,srcip=208.67.222.222, url=25.0.168.192.in-addr.arpa 141:32:06 Elapsed Time syslog: failed dns request len=71,srcip=208.67.220.220, url=25.0.168.192.in-addr.arpa 141:32:11 Elapsed Time syslog: failed dns request len=72,srcip=208.67.222.222, url=102.0.168.192.in-addr.arpa 141:32:15 Elapsed Time syslog: failed dns request len=72,srcip=208.67.222.222, url=103.0.168.192.in-addr.arpa 141:32:21 Elapsed Time syslog: failed dns request len=72,srcip=208.67.222.222, url=104.0.168.192.in-addr.arpa 141:32:21 Elapsed Time syslog: failed dns request len=72,srcip=208.67.220.220, url=104.0.168.192.in-addr.arpa 141:32:26 Elapsed Time syslog: failed dns request len=72,srcip=208.67.222.222, url=106.0.168.192.in-addr.arpa 141:32:32 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=105.18.9.76.in-addr.arpa 141:32:38 Elapsed Time syslog: failed dns request len=70,srcip=208.67.222.222, url=61.124.5.72.in-addr.arpa 141:32:38 Elapsed Time syslog: failed dns request len=70,srcip=208.67.220.220, url=61.124.5.72.in-addr.arpa Thanks Randy
Guest Meinolf Weber Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing Hello ki4zji, The DC is multihomed, which is a really bad decision for DC's. Or for what is the 5.42.248.149 obtained from a DHCP server? Also, if you have configured the 208.67.222.222 / 208.67.220.220, where did you set them, i can not see them on the output from ipconfig /all? A DC have the need for an internal DNS server, externals only for name resolution. If DNS is not correct configured it can also slow down the network and create other strange problems. Even if your bandwith is not that much, shouldn't be a big problem with correct DNS settings. What ip configuration does your clients have, please post an unedited ipconfig /all from one of them. The LDAP entries in the logfile seems for me to come because your server and also the clients, i assume, have DNS configuration mismatches. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > >> Hello ki4zji, >> >> What kind of network setup do you have, please describe more details, >> domain >> or workgroup? What does have problem, server or client? Please post >> an unedited >> ipconfig /all form your domai internal server and a client with >> problems. >> If your LAN internal machines use the ISP's server this is a bad >> configuration. >> But to help you, we need some more info about your network. >> Best regards >> >> Meinolf Weber >> Disclaimer: This posting is provided "AS IS" with no warranties, and >> confers >> no rights. >> ** Please do NOT email, only reply to Newsgroups >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm >>> Here's the problem... >>> >>> One of our installations is having what appears to be intermittent >>> problems with internet surfing download speeds. We have replaced >>> the >>> DSL modem and thoroughly tested all the associated LAN hardware. >>> The >>> DSL provider has now responded saying: >>> "I have taken a further look and it seems that your server (LAN IP: >>> 192.168.0.2) seems to be using something called "LDAP" which tries >>> to >>> verify certain information before allowing your PC to bring up that >>> webpage. This LDAP in your server is not recognizing certain pages >>> correctly. I would suggest the following:" >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I >>> fail to see how LDAP can interfere with web surfing. >>> Essentially, this server is isolated (through a NAT router with all >>> incoming ports closed) from the internet and there is very little >>> risk of a malware infection. >>> >>> The clients on the network are using x.x.x.2 as their DNS server. >>> >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause >>> the clients to see a slowdown in browsing? >>> > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > >> Hello ki4zji, >> >> What kind of network setup do you have, please describe more details, >> domain >> or workgroup? What does have problem, server or client? Please post >> an unedited >> ipconfig /all form your domai internal server and a client with >> problems. >> If your LAN internal machines use the ISP's server this is a bad >> configuration. >> But to help you, we need some more info about your network. >> Best regards >> >> Meinolf Weber >> Disclaimer: This posting is provided "AS IS" with no warranties, and >> confers >> no rights. >> ** Please do NOT email, only reply to Newsgroups >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm >>> Here's the problem... >>> >>> One of our installations is having what appears to be intermittent >>> problems with internet surfing download speeds. We have replaced >>> the >>> DSL modem and thoroughly tested all the associated LAN hardware. >>> The >>> DSL provider has now responded saying: >>> "I have taken a further look and it seems that your server (LAN IP: >>> 192.168.0.2) seems to be using something called "LDAP" which tries >>> to >>> verify certain information before allowing your PC to bring up that >>> webpage. This LDAP in your server is not recognizing certain pages >>> correctly. I would suggest the following:" >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I >>> fail to see how LDAP can interfere with web surfing. >>> Essentially, this server is isolated (through a NAT router with all >>> incoming ports closed) from the internet and there is very little >>> risk of a malware infection. >>> >>> The clients on the network are using x.x.x.2 as their DNS server. >>> >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause >>> the clients to see a slowdown in browsing? >>> > Windows IP Configuration > > Host Name . . . . . . . . . . . . : PMCC-S01 > Primary Dns Suffix . . . . . . . : pettymachine.local > Node Type . . . . . . . . . . . . : Hybrid > IP Routing Enabled. . . . . . . . : No > WINS Proxy Enabled. . . . . . . . : No > DNS Suffix Search List. . . . . . : pettymachine.local > Ethernet adapter Hamachi: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Hamachi Network Interface > Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95 > DHCP Enabled. . . . . . . . . . . : Yes > Autoconfiguration Enabled . . . . : No > IP Address. . . . . . . . . . . . : 5.42.248.149 > Subnet Mask . . . . . . . . . . . : 255.0.0.0 > Default Gateway . . . . . . . . . : > DHCP Server . . . . . . . . . . . : 5.0.0.1 > Lease Obtained. . . . . . . . . . : Monday, September 29, 2008 > 4:00:10 PM > Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009 > 4:00:10 PM > Ethernet adapter Server Local Area Connection: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit > Ethernet > Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8 > DHCP Enabled. . . . . . . . . . . : No > IP Address. . . . . . . . . . . . : 192.168.0.2 > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : 192.168.0.1 > DNS Servers . . . . . . . . . . . : 192.168.0.2 > Primary WINS Server . . . . . . . : 192.168.2.107 > DNS is configured on this server and is pointing to 208.67.222.222 / > 208.67.220.220 / 192.168.0.2 as name servers. > > This is from a windows 2003 PDC. There are four PC's connected to > this server which are members of the domain and three PC's which look > to this server for DNS resolution only. As you can see, we are using > OPEN DNS instead of our ISP's name server. The problem here appears > to be in bandwidth (slow surfing). While promising a 3.0/384 > connection, DSL Reports' speed tests indicate a 561k / 306k > connection. If DNS were not correct, we would see DNS errors, not a > decrease in available bandwidth, correct? > > The problem occurs anywhere on the network and appears to be random. I > did not capture information from a client machine as the problem is on > both client and server. > > The ISP is making two claims: > 1) there is some failure in LDAP causing the problem. I don't know, > hence me asking the question. > 2) someone is downloading music from the server (.0.2). I am the only > one with access to the server, and I do not believe there to be any > malware on the server. Further, during one of the slowdowns, I ran a > netstat. There were only two connections to the internet and both > were related to 'LOGMEIN.COM', the tool I use for remote support. > This would never account for 2.5M of bandwidth. > Thanks > Randy
Guest ki4zji Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > Hello ki4zji, > > The DC is multihomed, which is a really bad decision for DC's. Or for what > is the 5.42.248.149 obtained from a DHCP server? > > Also, if you have configured the 208.67.222.222 / 208.67.220.220, where did > you set them, i can not see them on the output from ipconfig /all? > > A DC have the need for an internal DNS server, externals only for name resolution. > If DNS is not correct configured it can also slow down the network and create > other strange problems. Even if your bandwith is not that much, shouldn't > be a big problem with correct DNS settings. > > What ip configuration does your clients have, please post an unedited ipconfig > /all from one of them. > > The LDAP entries in the logfile seems for me to come because your server > and also the clients, i assume, have DNS configuration mismatches. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > >> Hello ki4zji, > > >> What kind of network setup do you have, please describe more details, > >> domain > >> or workgroup? What does have problem, server or client? Please post > >> an unedited > >> ipconfig /all form your domai internal server and a client with > >> problems. > >> If your LAN internal machines use the ISP's server this is a bad > >> configuration. > >> But to help you, we need some more info about your network. > >> Best regards > > >> Meinolf Weber > >> Disclaimer: This posting is provided "AS IS" with no warranties, and > >> confers > >> no rights. > >> ** Please do NOT email, only reply to Newsgroups > >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > >>> Here's the problem... > > >>> One of our installations is having what appears to be intermittent > >>> problems with internet surfing download speeds. We have replaced > >>> the > >>> DSL modem and thoroughly tested all the associated LAN hardware. > >>> The > >>> DSL provider has now responded saying: > >>> "I have taken a further look and it seems that your server (LAN IP: > >>> 192.168.0.2) seems to be using something called "LDAP" which tries > >>> to > >>> verify certain information before allowing your PC to bring up that > >>> webpage. This LDAP in your server is not recognizing certain pages > >>> correctly. I would suggest the following:" > >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I > >>> fail to see how LDAP can interfere with web surfing. > >>> Essentially, this server is isolated (through a NAT router with all > >>> incoming ports closed) from the internet and there is very little > >>> risk of a malware infection. > > >>> The clients on the network are using x.x.x.2 as their DNS server. > > >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause > >>> the clients to see a slowdown in browsing? > > > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > >> Hello ki4zji, > > >> What kind of network setup do you have, please describe more details, > >> domain > >> or workgroup? What does have problem, server or client? Please post > >> an unedited > >> ipconfig /all form your domai internal server and a client with > >> problems. > >> If your LAN internal machines use the ISP's server this is a bad > >> configuration. > >> But to help you, we need some more info about your network. > >> Best regards > > >> Meinolf Weber > >> Disclaimer: This posting is provided "AS IS" with no warranties, and > >> confers > >> no rights. > >> ** Please do NOT email, only reply to Newsgroups > >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > >>> Here's the problem... > > >>> One of our installations is having what appears to be intermittent > >>> problems with internet surfing download speeds. We have replaced > >>> the > >>> DSL modem and thoroughly tested all the associated LAN hardware. > >>> The > >>> DSL provider has now responded saying: > >>> "I have taken a further look and it seems that your server (LAN IP: > >>> 192.168.0.2) seems to be using something called "LDAP" which tries > >>> to > >>> verify certain information before allowing your PC to bring up that > >>> webpage. This LDAP in your server is not recognizing certain pages > >>> correctly. I would suggest the following:" > >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I > >>> fail to see how LDAP can interfere with web surfing. > >>> Essentially, this server is isolated (through a NAT router with all > >>> incoming ports closed) from the internet and there is very little > >>> risk of a malware infection. > > >>> The clients on the network are using x.x.x.2 as their DNS server. > > >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause > >>> the clients to see a slowdown in browsing? > > > Windows IP Configuration > > > Host Name . . . . . . . . . . . . : PMCC-S01 > > Primary Dns Suffix . . . . . . . : pettymachine.local > > Node Type . . . . . . . . . . . . : Hybrid > > IP Routing Enabled. . . . . . . . : No > > WINS Proxy Enabled. . . . . . . . : No > > DNS Suffix Search List. . . . . . : pettymachine.local > > Ethernet adapter Hamachi: > > > Connection-specific DNS Suffix . : > > Description . . . . . . . . . . . : Hamachi Network Interface > > Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95 > > DHCP Enabled. . . . . . . . . . . : Yes > > Autoconfiguration Enabled . . . . : No > > IP Address. . . . . . . . . . . . : 5.42.248.149 > > Subnet Mask . . . . . . . . . . . : 255.0.0.0 > > Default Gateway . . . . . . . . . : > > DHCP Server . . . . . . . . . . . : 5.0.0.1 > > Lease Obtained. . . . . . . . . . : Monday, September 29, 2008 > > 4:00:10 PM > > Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009 > > 4:00:10 PM > > Ethernet adapter Server Local Area Connection: > > > Connection-specific DNS Suffix . : > > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit > > Ethernet > > Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8 > > DHCP Enabled. . . . . . . . . . . : No > > IP Address. . . . . . . . . . . . : 192.168.0.2 > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 192.168.0.1 > > DNS Servers . . . . . . . . . . . : 192.168.0.2 > > Primary WINS Server . . . . . . . : 192.168.2.107 > > DNS is configured on this server and is pointing to 208.67.222.222 / > > 208.67.220.220 / 192.168.0.2 as name servers. > > > This is from a windows 2003 PDC. There are four PC's connected to > > this server which are members of the domain and three PC's which look > > to this server for DNS resolution only. As you can see, we are using > > OPEN DNS instead of our ISP's name server. The problem here appears > > to be in bandwidth (slow surfing). While promising a 3.0/384 > > connection, DSL Reports' speed tests indicate a 561k / 306k > > connection. If DNS were not correct, we would see DNS errors, not a > > decrease in available bandwidth, correct? > > > The problem occurs anywhere on the network and appears to be random. I > > did not capture information from a client machine as the problem is on > > both client and server. > > > The ISP is making two claims: > > 1) there is some failure in LDAP causing the problem. I don't know, > > hence me asking the question. > > 2) someone is downloading music from the server (.0.2). I am the only > > one with access to the server, and I do not believe there to be any > > malware on the server. Further, during one of the slowdowns, I ran a > > netstat. There were only two connections to the internet and both > > were related to 'LOGMEIN.COM', the tool I use for remote support. > > This would never account for 2.5M of bandwidth. > > Thanks > > Randy the 5. address is a hamachi vpn address. It is only active occasionally for support purposes. During this particular problem, it is not active. here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP Configuration Host Name . . . . . . . . . . . . : LINDA Primary DNS Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel® PRO/100 Network Connection Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.0.25 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.2 Primary WINS Server . . . . . . . : 192.168.0.1 The addresses for the OPEN DNS servers are entered in accordance with the instructions at: https://www.opendns.com/smb/start/device/windows-server-2003. In other words, these servers are included as 'FORWARDERS'. Also, this configuration has worked for some time and has only failed recently. My suspicion is that there is some failure on the ISP's end and they do not want to admit it. However, I just want to make sure that LDAP cannot cause such a slowdown.
Guest Meinolf Weber Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing Hello ki4zji, You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it there. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > >> Hello ki4zji, >> >> The DC is multihomed, which is a really bad decision for DC's. Or for >> what is the 5.42.248.149 obtained from a DHCP server? >> >> Also, if you have configured the 208.67.222.222 / 208.67.220.220, >> where did you set them, i can not see them on the output from >> ipconfig /all? >> >> A DC have the need for an internal DNS server, externals only for >> name resolution. >> If DNS is not correct configured it can also slow down the network >> and create >> other strange problems. Even if your bandwith is not that much, >> shouldn't >> be a big problem with correct DNS settings. >> What ip configuration does your clients have, please post an unedited >> ipconfig /all from one of them. >> >> The LDAP entries in the logfile seems for me to come because your >> server and also the clients, i assume, have DNS configuration >> mismatches. >> >> Best regards >> >> Meinolf Weber >> Disclaimer: This posting is provided "AS IS" with no warranties, and >> confers >> no rights. >> ** Please do NOT email, only reply to Newsgroups >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: >>> >>>> Hello ki4zji, >>>> >>>> What kind of network setup do you have, please describe more >>>> details, >>>> domain >>>> or workgroup? What does have problem, server or client? Please post >>>> an unedited >>>> ipconfig /all form your domai internal server and a client with >>>> problems. >>>> If your LAN internal machines use the ISP's server this is a bad >>>> configuration. >>>> But to help you, we need some more info about your network. >>>> Best regards >>>> Meinolf Weber >>>> Disclaimer: This posting is provided "AS IS" with no warranties, >>>> and >>>> confers >>>> no rights. >>>> ** Please do NOT email, only reply to Newsgroups >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm >>>>> Here's the problem... >>>>> >>>>> One of our installations is having what appears to be intermittent >>>>> problems with internet surfing download speeds. We have replaced >>>>> the >>>>> DSL modem and thoroughly tested all the associated LAN hardware. >>>>> The >>>>> DSL provider has now responded saying: >>>>> "I have taken a further look and it seems that your server (LAN >>>>> IP: >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries >>>>> to >>>>> verify certain information before allowing your PC to bring up >>>>> that >>>>> webpage. This LDAP in your server is not recognizing certain pages >>>>> correctly. I would suggest the following:" >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however >>>>> I >>>>> fail to see how LDAP can interfere with web surfing. >>>>> Essentially, this server is isolated (through a NAT router with >>>>> all >>>>> incoming ports closed) from the internet and there is very little >>>>> risk of a malware infection. >>>>> The clients on the network are using x.x.x.2 as their DNS server. >>>>> >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause >>>>> the clients to see a slowdown in browsing? >>>>> >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: >>> >>>> Hello ki4zji, >>>> >>>> What kind of network setup do you have, please describe more >>>> details, >>>> domain >>>> or workgroup? What does have problem, server or client? Please post >>>> an unedited >>>> ipconfig /all form your domai internal server and a client with >>>> problems. >>>> If your LAN internal machines use the ISP's server this is a bad >>>> configuration. >>>> But to help you, we need some more info about your network. >>>> Best regards >>>> Meinolf Weber >>>> Disclaimer: This posting is provided "AS IS" with no warranties, >>>> and >>>> confers >>>> no rights. >>>> ** Please do NOT email, only reply to Newsgroups >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm >>>>> Here's the problem... >>>>> >>>>> One of our installations is having what appears to be intermittent >>>>> problems with internet surfing download speeds. We have replaced >>>>> the >>>>> DSL modem and thoroughly tested all the associated LAN hardware. >>>>> The >>>>> DSL provider has now responded saying: >>>>> "I have taken a further look and it seems that your server (LAN >>>>> IP: >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries >>>>> to >>>>> verify certain information before allowing your PC to bring up >>>>> that >>>>> webpage. This LDAP in your server is not recognizing certain pages >>>>> correctly. I would suggest the following:" >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however >>>>> I >>>>> fail to see how LDAP can interfere with web surfing. >>>>> Essentially, this server is isolated (through a NAT router with >>>>> all >>>>> incoming ports closed) from the internet and there is very little >>>>> risk of a malware infection. >>>>> The clients on the network are using x.x.x.2 as their DNS server. >>>>> >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause >>>>> the clients to see a slowdown in browsing? >>>>> >>> Windows IP Configuration >>> >>> Host Name . . . . . . . . . . . . : PMCC-S01 >>> Primary Dns Suffix . . . . . . . : pettymachine.local >>> Node Type . . . . . . . . . . . . : Hybrid >>> IP Routing Enabled. . . . . . . . : No >>> WINS Proxy Enabled. . . . . . . . : No >>> DNS Suffix Search List. . . . . . : pettymachine.local >>> Ethernet adapter Hamachi: >>> Connection-specific DNS Suffix . : >>> Description . . . . . . . . . . . : Hamachi Network Interface >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95 >>> DHCP Enabled. . . . . . . . . . . : Yes >>> Autoconfiguration Enabled . . . . : No >>> IP Address. . . . . . . . . . . . : 5.42.248.149 >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0 >>> Default Gateway . . . . . . . . . : >>> DHCP Server . . . . . . . . . . . : 5.0.0.1 >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008 >>> 4:00:10 PM >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009 >>> 4:00:10 PM >>> Ethernet adapter Server Local Area Connection: >>> Connection-specific DNS Suffix . : >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit >>> Ethernet >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8 >>> DHCP Enabled. . . . . . . . . . . : No >>> IP Address. . . . . . . . . . . . : 192.168.0.2 >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>> Default Gateway . . . . . . . . . : 192.168.0.1 >>> DNS Servers . . . . . . . . . . . : 192.168.0.2 >>> Primary WINS Server . . . . . . . : 192.168.2.107 >>> DNS is configured on this server and is pointing to 208.67.222.222 / >>> 208.67.220.220 / 192.168.0.2 as name servers. >>> This is from a windows 2003 PDC. There are four PC's connected to >>> this server which are members of the domain and three PC's which >>> look to this server for DNS resolution only. As you can see, we are >>> using OPEN DNS instead of our ISP's name server. The problem here >>> appears to be in bandwidth (slow surfing). While promising a >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k >>> connection. If DNS were not correct, we would see DNS errors, not a >>> decrease in available bandwidth, correct? >>> >>> The problem occurs anywhere on the network and appears to be random. >>> I did not capture information from a client machine as the problem >>> is on both client and server. >>> >>> The ISP is making two claims: >>> 1) there is some failure in LDAP causing the problem. I don't know, >>> hence me asking the question. >>> 2) someone is downloading music from the server (.0.2). I am the >>> only >>> one with access to the server, and I do not believe there to be any >>> malware on the server. Further, during one of the slowdowns, I ran >>> a >>> netstat. There were only two connections to the internet and both >>> were related to 'LOGMEIN.COM', the tool I use for remote support. >>> This would never account for 2.5M of bandwidth. >>> Thanks >>> Randy > the 5. address is a hamachi vpn address. It is only active > occasionally for support purposes. During this particular problem, it > is not active. > > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP > Configuration > > Host Name . . . . . . . . . . . . : LINDA > Primary DNS Suffix . . . . . . . : > Node Type . . . . . . . . . . . . : Hybrid > IP Routing Enabled. . . . . . . . : No > WINS Proxy Enabled. . . . . . . . : No > Ethernet adapter Local Area Connection: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Intel® PRO/100 Network > Connection > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B > DHCP Enabled. . . . . . . . . . . : No > IP Address. . . . . . . . . . . . : 192.168.0.25 > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > Default Gateway . . . . . . . . . : 192.168.0.1 > DNS Servers . . . . . . . . . . . : 192.168.0.2 > Primary WINS Server . . . . . . . : 192.168.0.1 > The addresses for the OPEN DNS servers are entered in accordance with > the instructions at: > https://www.opendns.com/smb/start/device/windows-server-2003. > In other words, these servers are included as 'FORWARDERS'. > Also, this configuration has worked for some time and has only failed > recently. My suspicion is that there is some failure on the ISP's end > and they do not want to admit it. However, I just want to make sure > that LDAP cannot cause such a slowdown. >
Guest ki4zji Posted September 29, 2008 Posted September 29, 2008 Re: LDAP and surfing On Sep 29, 5:50 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > Hello ki4zji, > > You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it > there. > > Best regards > > Meinolf Weber > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > no rights. > ** Please do NOT email, only reply to Newsgroups > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > >> Hello ki4zji, > > >> The DC is multihomed, which is a really bad decision for DC's. Or for > >> what is the 5.42.248.149 obtained from a DHCP server? > > >> Also, if you have configured the 208.67.222.222 / 208.67.220.220, > >> where did you set them, i can not see them on the output from > >> ipconfig /all? > > >> A DC have the need for an internal DNS server, externals only for > >> name resolution. > >> If DNS is not correct configured it can also slow down the network > >> and create > >> other strange problems. Even if your bandwith is not that much, > >> shouldn't > >> be a big problem with correct DNS settings. > >> What ip configuration does your clients have, please post an unedited > >> ipconfig /all from one of them. > > >> The LDAP entries in the logfile seems for me to come because your > >> server and also the clients, i assume, have DNS configuration > >> mismatches. > > >> Best regards > > >> Meinolf Weber > >> Disclaimer: This posting is provided "AS IS" with no warranties, and > >> confers > >> no rights. > >> ** Please do NOT email, only reply to Newsgroups > >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > >>>> Hello ki4zji, > > >>>> What kind of network setup do you have, please describe more > >>>> details, > >>>> domain > >>>> or workgroup? What does have problem, server or client? Please post > >>>> an unedited > >>>> ipconfig /all form your domai internal server and a client with > >>>> problems. > >>>> If your LAN internal machines use the ISP's server this is a bad > >>>> configuration. > >>>> But to help you, we need some more info about your network. > >>>> Best regards > >>>> Meinolf Weber > >>>> Disclaimer: This posting is provided "AS IS" with no warranties, > >>>> and > >>>> confers > >>>> no rights. > >>>> ** Please do NOT email, only reply to Newsgroups > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > >>>>> Here's the problem... > > >>>>> One of our installations is having what appears to be intermittent > >>>>> problems with internet surfing download speeds. We have replaced > >>>>> the > >>>>> DSL modem and thoroughly tested all the associated LAN hardware. > >>>>> The > >>>>> DSL provider has now responded saying: > >>>>> "I have taken a further look and it seems that your server (LAN > >>>>> IP: > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries > >>>>> to > >>>>> verify certain information before allowing your PC to bring up > >>>>> that > >>>>> webpage. This LDAP in your server is not recognizing certain pages > >>>>> correctly. I would suggest the following:" > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however > >>>>> I > >>>>> fail to see how LDAP can interfere with web surfing. > >>>>> Essentially, this server is isolated (through a NAT router with > >>>>> all > >>>>> incoming ports closed) from the internet and there is very little > >>>>> risk of a malware infection. > >>>>> The clients on the network are using x.x.x.2 as their DNS server. > > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause > >>>>> the clients to see a slowdown in browsing? > > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > >>>> Hello ki4zji, > > >>>> What kind of network setup do you have, please describe more > >>>> details, > >>>> domain > >>>> or workgroup? What does have problem, server or client? Please post > >>>> an unedited > >>>> ipconfig /all form your domai internal server and a client with > >>>> problems. > >>>> If your LAN internal machines use the ISP's server this is a bad > >>>> configuration. > >>>> But to help you, we need some more info about your network. > >>>> Best regards > >>>> Meinolf Weber > >>>> Disclaimer: This posting is provided "AS IS" with no warranties, > >>>> and > >>>> confers > >>>> no rights. > >>>> ** Please do NOT email, only reply to Newsgroups > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > >>>>> Here's the problem... > > >>>>> One of our installations is having what appears to be intermittent > >>>>> problems with internet surfing download speeds. We have replaced > >>>>> the > >>>>> DSL modem and thoroughly tested all the associated LAN hardware. > >>>>> The > >>>>> DSL provider has now responded saying: > >>>>> "I have taken a further look and it seems that your server (LAN > >>>>> IP: > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries > >>>>> to > >>>>> verify certain information before allowing your PC to bring up > >>>>> that > >>>>> webpage. This LDAP in your server is not recognizing certain pages > >>>>> correctly. I would suggest the following:" > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however > >>>>> I > >>>>> fail to see how LDAP can interfere with web surfing. > >>>>> Essentially, this server is isolated (through a NAT router with > >>>>> all > >>>>> incoming ports closed) from the internet and there is very little > >>>>> risk of a malware infection. > >>>>> The clients on the network are using x.x.x.2 as their DNS server. > > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause > >>>>> the clients to see a slowdown in browsing? > > >>> Windows IP Configuration > > >>> Host Name . . . . . . . . . . . . : PMCC-S01 > >>> Primary Dns Suffix . . . . . . . : pettymachine.local > >>> Node Type . . . . . . . . . . . . : Hybrid > >>> IP Routing Enabled. . . . . . . . : No > >>> WINS Proxy Enabled. . . . . . . . : No > >>> DNS Suffix Search List. . . . . . : pettymachine.local > >>> Ethernet adapter Hamachi: > >>> Connection-specific DNS Suffix . : > >>> Description . . . . . . . . . . . : Hamachi Network Interface > >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95 > >>> DHCP Enabled. . . . . . . . . . . : Yes > >>> Autoconfiguration Enabled . . . . : No > >>> IP Address. . . . . . . . . . . . : 5.42.248.149 > >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0 > >>> Default Gateway . . . . . . . . . : > >>> DHCP Server . . . . . . . . . . . : 5.0.0.1 > >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008 > >>> 4:00:10 PM > >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009 > >>> 4:00:10 PM > >>> Ethernet adapter Server Local Area Connection: > >>> Connection-specific DNS Suffix . : > >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit > >>> Ethernet > >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8 > >>> DHCP Enabled. . . . . . . . . . . : No > >>> IP Address. . . . . . . . . . . . : 192.168.0.2 > >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 > >>> Default Gateway . . . . . . . . . : 192.168.0.1 > >>> DNS Servers . . . . . . . . . . . : 192.168.0.2 > >>> Primary WINS Server . . . . . . . : 192.168.2.107 > >>> DNS is configured on this server and is pointing to 208.67.222.222 / > >>> 208.67.220.220 / 192.168.0.2 as name servers. > >>> This is from a windows 2003 PDC. There are four PC's connected to > >>> this server which are members of the domain and three PC's which > >>> look to this server for DNS resolution only. As you can see, we are > >>> using OPEN DNS instead of our ISP's name server. The problem here > >>> appears to be in bandwidth (slow surfing). While promising a > >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k > >>> connection. If DNS were not correct, we would see DNS errors, not a > >>> decrease in available bandwidth, correct? > > >>> The problem occurs anywhere on the network and appears to be random. > >>> I did not capture information from a client machine as the problem > >>> is on both client and server. > > >>> The ISP is making two claims: > >>> 1) there is some failure in LDAP causing the problem. I don't know, > >>> hence me asking the question. > >>> 2) someone is downloading music from the server (.0.2). I am the > >>> only > >>> one with access to the server, and I do not believe there to be any > >>> malware on the server. Further, during one of the slowdowns, I ran > >>> a > >>> netstat. There were only two connections to the internet and both > >>> were related to 'LOGMEIN.COM', the tool I use for remote support. > >>> This would never account for 2.5M of bandwidth. > >>> Thanks > >>> Randy > > the 5. address is a hamachi vpn address. It is only active > > occasionally for support purposes. During this particular problem, it > > is not active. > > > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP > > Configuration > > > Host Name . . . . . . . . . . . . : LINDA > > Primary DNS Suffix . . . . . . . : > > Node Type . . . . . . . . . . . . : Hybrid > > IP Routing Enabled. . . . . . . . : No > > WINS Proxy Enabled. . . . . . . . : No > > Ethernet adapter Local Area Connection: > > > Connection-specific DNS Suffix . : > > Description . . . . . . . . . . . : Intel® PRO/100 Network > > Connection > > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B > > DHCP Enabled. . . . . . . . . . . : No > > IP Address. . . . . . . . . . . . : 192.168.0.25 > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Default Gateway . . . . . . . . . : 192.168.0.1 > > DNS Servers . . . . . . . . . . . : 192.168.0.2 > > Primary WINS Server . . . . . . . : 192.168.0.1 > > The addresses for the OPEN DNS servers are entered in accordance with > > the instructions at: > >https://www.opendns.com/smb/start/device/windows-server-2003. > > In other words, these servers are included as 'FORWARDERS'. > > Also, this configuration has worked for some time and has only failed > > recently. My suspicion is that there is some failure on the ISP's end > > and they do not want to admit it. However, I just want to make sure > > that LDAP cannot cause such a slowdown. my apologies ... x.x.x.2 is not included in the forwarders tab.
Guest Sven-D Posted September 30, 2008 Posted September 30, 2008 Re: LDAP and surfing From the ipconfig from the client, I can see you are missing a primary dns suffix. "ki4zji" wrote: > On Sep 29, 5:50 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > Hello ki4zji, > > > > You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it > > there. > > > > Best regards > > > > Meinolf Weber > > Disclaimer: This posting is provided "AS IS" with no warranties, and confers > > no rights. > > ** Please do NOT email, only reply to Newsgroups > > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > > > > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > > > >> Hello ki4zji, > > > > >> The DC is multihomed, which is a really bad decision for DC's. Or for > > >> what is the 5.42.248.149 obtained from a DHCP server? > > > > >> Also, if you have configured the 208.67.222.222 / 208.67.220.220, > > >> where did you set them, i can not see them on the output from > > >> ipconfig /all? > > > > >> A DC have the need for an internal DNS server, externals only for > > >> name resolution. > > >> If DNS is not correct configured it can also slow down the network > > >> and create > > >> other strange problems. Even if your bandwith is not that much, > > >> shouldn't > > >> be a big problem with correct DNS settings. > > >> What ip configuration does your clients have, please post an unedited > > >> ipconfig /all from one of them. > > > > >> The LDAP entries in the logfile seems for me to come because your > > >> server and also the clients, i assume, have DNS configuration > > >> mismatches. > > > > >> Best regards > > > > >> Meinolf Weber > > >> Disclaimer: This posting is provided "AS IS" with no warranties, and > > >> confers > > >> no rights. > > >> ** Please do NOT email, only reply to Newsgroups > > >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > > > >>>> Hello ki4zji, > > > > >>>> What kind of network setup do you have, please describe more > > >>>> details, > > >>>> domain > > >>>> or workgroup? What does have problem, server or client? Please post > > >>>> an unedited > > >>>> ipconfig /all form your domai internal server and a client with > > >>>> problems. > > >>>> If your LAN internal machines use the ISP's server this is a bad > > >>>> configuration. > > >>>> But to help you, we need some more info about your network. > > >>>> Best regards > > >>>> Meinolf Weber > > >>>> Disclaimer: This posting is provided "AS IS" with no warranties, > > >>>> and > > >>>> confers > > >>>> no rights. > > >>>> ** Please do NOT email, only reply to Newsgroups > > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > >>>>> Here's the problem... > > > > >>>>> One of our installations is having what appears to be intermittent > > >>>>> problems with internet surfing download speeds. We have replaced > > >>>>> the > > >>>>> DSL modem and thoroughly tested all the associated LAN hardware. > > >>>>> The > > >>>>> DSL provider has now responded saying: > > >>>>> "I have taken a further look and it seems that your server (LAN > > >>>>> IP: > > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries > > >>>>> to > > >>>>> verify certain information before allowing your PC to bring up > > >>>>> that > > >>>>> webpage. This LDAP in your server is not recognizing certain pages > > >>>>> correctly. I would suggest the following:" > > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however > > >>>>> I > > >>>>> fail to see how LDAP can interfere with web surfing. > > >>>>> Essentially, this server is isolated (through a NAT router with > > >>>>> all > > >>>>> incoming ports closed) from the internet and there is very little > > >>>>> risk of a malware infection. > > >>>>> The clients on the network are using x.x.x.2 as their DNS server. > > > > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause > > >>>>> the clients to see a slowdown in browsing? > > > > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote: > > > > >>>> Hello ki4zji, > > > > >>>> What kind of network setup do you have, please describe more > > >>>> details, > > >>>> domain > > >>>> or workgroup? What does have problem, server or client? Please post > > >>>> an unedited > > >>>> ipconfig /all form your domai internal server and a client with > > >>>> problems. > > >>>> If your LAN internal machines use the ISP's server this is a bad > > >>>> configuration. > > >>>> But to help you, we need some more info about your network. > > >>>> Best regards > > >>>> Meinolf Weber > > >>>> Disclaimer: This posting is provided "AS IS" with no warranties, > > >>>> and > > >>>> confers > > >>>> no rights. > > >>>> ** Please do NOT email, only reply to Newsgroups > > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm > > >>>>> Here's the problem... > > > > >>>>> One of our installations is having what appears to be intermittent > > >>>>> problems with internet surfing download speeds. We have replaced > > >>>>> the > > >>>>> DSL modem and thoroughly tested all the associated LAN hardware. > > >>>>> The > > >>>>> DSL provider has now responded saying: > > >>>>> "I have taken a further look and it seems that your server (LAN > > >>>>> IP: > > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries > > >>>>> to > > >>>>> verify certain information before allowing your PC to bring up > > >>>>> that > > >>>>> webpage. This LDAP in your server is not recognizing certain pages > > >>>>> correctly. I would suggest the following:" > > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however > > >>>>> I > > >>>>> fail to see how LDAP can interfere with web surfing. > > >>>>> Essentially, this server is isolated (through a NAT router with > > >>>>> all > > >>>>> incoming ports closed) from the internet and there is very little > > >>>>> risk of a malware infection. > > >>>>> The clients on the network are using x.x.x.2 as their DNS server. > > > > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause > > >>>>> the clients to see a slowdown in browsing? > > > > >>> Windows IP Configuration > > > > >>> Host Name . . . . . . . . . . . . : PMCC-S01 > > >>> Primary Dns Suffix . . . . . . . : pettymachine.local > > >>> Node Type . . . . . . . . . . . . : Hybrid > > >>> IP Routing Enabled. . . . . . . . : No > > >>> WINS Proxy Enabled. . . . . . . . : No > > >>> DNS Suffix Search List. . . . . . : pettymachine.local > > >>> Ethernet adapter Hamachi: > > >>> Connection-specific DNS Suffix . : > > >>> Description . . . . . . . . . . . : Hamachi Network Interface > > >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95 > > >>> DHCP Enabled. . . . . . . . . . . : Yes > > >>> Autoconfiguration Enabled . . . . : No > > >>> IP Address. . . . . . . . . . . . : 5.42.248.149 > > >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0 > > >>> Default Gateway . . . . . . . . . : > > >>> DHCP Server . . . . . . . . . . . : 5.0.0.1 > > >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008 > > >>> 4:00:10 PM > > >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009 > > >>> 4:00:10 PM > > >>> Ethernet adapter Server Local Area Connection: > > >>> Connection-specific DNS Suffix . : > > >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit > > >>> Ethernet > > >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8 > > >>> DHCP Enabled. . . . . . . . . . . : No > > >>> IP Address. . . . . . . . . . . . : 192.168.0.2 > > >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > >>> Default Gateway . . . . . . . . . : 192.168.0.1 > > >>> DNS Servers . . . . . . . . . . . : 192.168.0.2 > > >>> Primary WINS Server . . . . . . . : 192.168.2.107 > > >>> DNS is configured on this server and is pointing to 208.67.222.222 / > > >>> 208.67.220.220 / 192.168.0.2 as name servers. > > >>> This is from a windows 2003 PDC. There are four PC's connected to > > >>> this server which are members of the domain and three PC's which > > >>> look to this server for DNS resolution only. As you can see, we are > > >>> using OPEN DNS instead of our ISP's name server. The problem here > > >>> appears to be in bandwidth (slow surfing). While promising a > > >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k > > >>> connection. If DNS were not correct, we would see DNS errors, not a > > >>> decrease in available bandwidth, correct? > > > > >>> The problem occurs anywhere on the network and appears to be random. > > >>> I did not capture information from a client machine as the problem > > >>> is on both client and server. > > > > >>> The ISP is making two claims: > > >>> 1) there is some failure in LDAP causing the problem. I don't know, > > >>> hence me asking the question. > > >>> 2) someone is downloading music from the server (.0.2). I am the > > >>> only > > >>> one with access to the server, and I do not believe there to be any > > >>> malware on the server. Further, during one of the slowdowns, I ran > > >>> a > > >>> netstat. There were only two connections to the internet and both > > >>> were related to 'LOGMEIN.COM', the tool I use for remote support. > > >>> This would never account for 2.5M of bandwidth. > > >>> Thanks > > >>> Randy > > > the 5. address is a hamachi vpn address. It is only active > > > occasionally for support purposes. During this particular problem, it > > > is not active. > > > > > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP > > > Configuration > > > > > Host Name . . . . . . . . . . . . : LINDA > > > Primary DNS Suffix . . . . . . . : > > > Node Type . . . . . . . . . . . . : Hybrid > > > IP Routing Enabled. . . . . . . . : No > > > WINS Proxy Enabled. . . . . . . . : No > > > Ethernet adapter Local Area Connection: > > > > > Connection-specific DNS Suffix . : > > > Description . . . . . . . . . . . : Intel® PRO/100 Network > > > Connection > > > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B > > > DHCP Enabled. . . . . . . . . . . : No > > > IP Address. . . . . . . . . . . . : 192.168.0.25 > > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > > Default Gateway . . . . . . . . . : 192.168.0.1 > > > DNS Servers . . . . . . . . . . . : 192.168.0.2 > > > Primary WINS Server . . . . . . . : 192.168.0.1 > > > The addresses for the OPEN DNS servers are entered in accordance with > > > the instructions at: > > >https://www.opendns.com/smb/start/device/windows-server-2003. > > > In other words, these servers are included as 'FORWARDERS'. > > > Also, this configuration has worked for some time and has only failed > > > recently. My suspicion is that there is some failure on the ISP's end > > > and they do not want to admit it. However, I just want to make sure > > > that LDAP cannot cause such a slowdown. > > my apologies ... x.x.x.2 is not included in the forwarders tab. > >
Recommended Posts