Major Internet Issue !help

Unanswered Question
May 6th, 2008

Hi All,

Please I will appreciate any help from you to resolve this major internet problem.

I am not sure if this is a virus issue or a problem on the network.

But one thing is certain good router configuration can resolve the problem and advice from the house will resolve the problem.

This is the issue

I have a server that some machines get resources from (not internet resources ).Once this server is on the network all system times out .Interestingly one can browse few website like msn only, other sites will not open.

Please what can I do

(1) To isolate this system

(2) Allow system that needs resources on the server to be able to get access to this server

(3) Allow access to all web sites

I will appreciate your speedy reply.

Best Regards

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rais Tue, 05/06/2008 - 06:28

Begin with a sniffer to see what is going on in your network once that server comes online.

Thanks.

cisco_lad2004 Tue, 05/06/2008 - 06:49

has there been any recent changes to ur network ?

I am thinking about MTU size issue which might cause some sites to be viewed and not others.

also, for sites you cannot browse, try to browse them using their IP addresses and not url, this will eliminate possible DNS issues.

trace to the sites with issues and then working sites and compare.

HTH

Sam

lamav Tue, 05/06/2008 - 09:36

Hi

i think you need to give us more information.

What is this server that other machines access?

Why do you think there is a relationship between this server and users accesing the Internet?

VL

T1success Wed, 05/07/2008 - 03:28

Pls what other information is iamav requesting for,I will be too glad to dish out the information to resolve this issue.

The server supplies resources to this other machine (client) .But the sever and the client require internet access.Once,this issue occurs,all the client,server and internal system cant not browse(no internet pages can be opened.

Let me also add that i can ping the dns yet i cant browse whenever this issue occurs.

Regards

joseph.derrick Sun, 05/11/2008 - 08:06

Hi,

I am still a bit confused on the information you provided. Please clarify on some things:

1. When you say that users could not browse the Internet, are all of the users affected or not ?

2. Is it only browsing that is affected by this server/service problem or is it affecting other services also such as POP/SMTP/FTP ?

3. What service is running on the server that you are referring to, is it an HTTP proxy server ?

4. Have you tried browsing directly through Internet sites without passing your HTTP traffic to the server that you are suspecting ?

I hope you can provide all the information to better understand the problem and recommend better solutions.

Thanks,

Joseph Derrick

T1success Wed, 05/07/2008 - 03:20

What effect will changing the MTU size have on the network.If i have a small MTU size say 500 or say 1402 what effect does it have.

Pls which command will i use to check the default (if any) of the MTU size .I have used the sh run int command ,but nothing was stated on MTU.

If i am using snifferes like ethereal, what shd i check for ?

If am also tracing the websites through the ip address ,i have a feeling that the website that are not responsive will be timing out what do i check with the traces ?

cisco_lad2004 Wed, 05/07/2008 - 03:29

1-if u have a smaller MTU ( even 1500) there are some websites you wont be able to browse.

I raised thsi point in case u have introduced anew VLAN or interface("sh interface" would show u the MTU size).

2-when u browse with an IP address, u are not susing DNS. so it will if are able to browse with IP but not URL. check if ur DNS server is impacted by new server put online.

3-trace to missing websites will confirm if u have or dont have a routing issue. I doubt it as any IPS woudl have fixed their routing by now.

HTH

Sam

T1success Wed, 05/07/2008 - 03:46

thanks so much for your reply.I have introduced some Vlan using HWIC on the router I am using an IOS router.

Pls can u state the command to check the mtu size.I have read some stuff on MTU and i learnt that issues might come with fragmentation and overhead management.What is the recommended d mtu size.

-The DNS is affected when this issue occurs.

- Pls am not clear with your third point "I doubt it as any IPS would have fixed their routing by now"

cisco_lad2004 Wed, 05/07/2008 - 04:06

sh interface command, will show u mtu size.

as per below, I set mine at 9216 but u dont nee dthsi much 1546 would do (if this is the issue).

RTR1#sh int tenGigabitEthernet 2/1 | inc MTU

MTU 9216 bytes, BW 10000000 Kbit, DLY 10 usec,

for IPS..I mean ISP sorry.

Mvh

Sam

T1success Wed, 05/07/2008 - 10:08

Hi All

The MTU size is shown below.This shows it is not the problem.

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec.

Pls any other advise.

If i am sniffers like ethereal what should i check out for ?

Best Regards.

mwall1 Wed, 05/07/2008 - 12:43

I'm not sure this sounds like a router issue, and I still don't think you've given enough information to really help (i.e. Windows 2003 (server)? What desktop OS (client)?

Who provides your DNS? Internal with Forwarders to your ISP? How about DHCP?

If you can reach MSN.com, then you should be able to access any site (Assuming you don't work at Microsoft :-p )

What happens if you try to enter the IP 207.68.172.246 into a web browser?

How about 64.233.187.99 ... any luck?

Can you tell us what router model and what IOS version it's running?

If you could post a sanitized config, that would help a lot.

Mike

T1success Thu, 05/08/2008 - 00:51

Thanks buddies

I'm not sure this sounds like a router issue, and I still don't think you've given enough information to really help (i.e. Windows 2003 (server)? What desktop OS (client)?

Response -windows 2000 server. OS client windows xp professional and xp embedded

who provides your DNS? Internal with Forwarders to your ISP? How about DHCP?

Response - this question ins not clear .Not using DHCP.Please what did you mean by Internal to forwarders .

Another info that might help is whenever this server is shut down, the network will be stable.

Another Info is that this problem occurs when a lot of users are on the network. In the early hours of the morning, it is stable and late in the night it is also stable.

I am considering ethereal, but I am giving serious issues installing and other too?

mwall1 Thu, 05/08/2008 - 06:51

What I meant was, is that Windows 2000 server running DNS services? If your client isn't using DHCP, then you've statically assigned an IP and used what for the DNS entries?

The proper way to set up DNS in that situation, is to point the W2K server to itself for DNS, and then set up Forwarders to your ISP's DNS servers for any external requests.

Or do you have some sort of Internet Connection Sharing setup on the server that may screw things up when the server is tunred on (i.e. traffic tries to go through the W2K server, rather than straight to the router)?

If you're not familiar with Ethereal, it's probably not going to help a lot in this situation. You're better off running traceroutes from the client to the external sites, to see where it gets hung up.

What is the gateway IP on your client, and what is it on your server?

T1success Thu, 05/08/2008 - 11:26

Hi mwall1

Thanks for the mail.

The network config is a very simple one

The server in question can be best explained as an application server.

The address structure is like below

192.168.0.x

255.255.255.0

192.168.0.1

pry dns x.x.x.x

sec dns x.x.x.x

The same structure goes for all the terminals.It is the only the ip address for each machine that will be changed that is changed.

I hope all understands the server now.the server does not support the system in any form ,but some system reach the server to get resources to application on the servers.

Pls advise what can make internet to be stable during off peak hours like morning and late evening?

Best Regards

mwall1 Thu, 05/08/2008 - 11:45

Perhaps you have an IP address conflict then?

Not much else could explain the behavior you're describing, if each client uses the router as the default gateway and this problem occurs when you turn on the server...

rkalia1 Sat, 05/10/2008 - 07:01

Pls check on your firewall if you are running out of licenses. e.g. if your Firewall is a Cisco ASA with a Base License of say 10 users and you have more than 10 mac addresses on the LAN accessing the internet all outbound traffic through the firewall will be cut off. No traffic will be passed to the outside then. This a possibility worth checking.

mwall1 Sat, 05/10/2008 - 08:42

rkalia1,

That's a very good suggestion. I ran into that problem years ago with PIX 501s that only had the 10 or 50-user licenses.

What I found out then, was that even though there were less than 10 devices on the network, a couple of machines had trojans on them. The trojans were filling up the ARP table, and thus using up the licenses!

That issue almost drove me mad! :-)

T1success Fri, 05/16/2008 - 04:54

Hi all,

Good News!Thanks for your contribution.

Am gradually getting to the root of the problem.I am using macaffe ver 8i.we activated the spy ware/malware setting and the problem was temporarily solved as the server in question did not stop internet access (just for 4 days).

The problem returned again.But it is clear that the issue is a spy ware/virus issue .But what am not clear is why should block internet access to all the system.(Pls let the house advice )

But,why and how can a single system block the whole access to internet.How can the router resolve the whole issue .How can i allow port 80 to be accessed freely by other system ie the command to use to ALWAYS allow all the other ip address assigned to other system to use port 80.

Pls advice.

Actions

This Discussion