unwise configuration, slow internet

November 20, 2011 at 11:09:17
Specs: windows server 2003
I seem to have everything working. The problem is the internet is very slow. We have a managed internet and I believe the internet speed is fast enough; the problem is that too many computers are having to query the main computer back at headquarters and not using the local servers to their full ability. I was hoping to try and explain the current setup to everyone and maybe someone could help me configure the system so that remote users use the local servers for everything that they can and only go back to the main server for things that can't be maintained locally, like shared files. All servers are running Server 2003.
The following is the current setup. If you need more info please ask.

6 locations; Paris is corp. headquarters.
Corp headquarters server:
Local router is at IP
Static IP is DNS is on and working through Active Directory.
Under dnsmgmt, under properties for the local DNS, interfaces tab, set to listen on
Under forwarders tab, set to forward to router

In the left pane of dnsmgmt under forward lookup zones I have 2 zones: ad.mycompany.com and as400.

as400 is our AS400 machine (it's local). When I click on it the right pane shows all the remote server IP addresses; type is name server (NS). When I right click on as400 and bring up properties, name servers shows all our remote servers and our local DNS server. It has a star in the IP address; under it says "represents an IP address retrieved as the result of a DNS query and may not represent actual records stored on this server". Nothing is under the zone transfers tab.

ad.mycompany shows the following: left click on ad.mycompany and I have everyone in the company, both local and remote, all type host (A). At the bottom of the list it has all the remote servers listed, type name server (NS). If I expand the ad.mycompany zone I have server folders but the interesting ones seem to be DomainDnsZones and ForestDnsZones. Both DomainDnsZones and ForestDnsZones contain all the remote DNS server IP addresses and itself, type host (A). When I right click on ad.mycompany and bring up properties, under the name servers I have all the remote servers' IP addresses and itself. Under the zone transfers tab, "allow zone transfers" is clicked and "only to servers listed on the name servers tab" is selected.

Each remote location has a server; it's a domain controller, Active Directory, DNS. DNS always ends with .30, so one is, the next is etc. etc.
One of the remote servers' settings:
In the left pane of dnsmgmt, when I select the DNS, in the right pane it says configure a DNS server blah blah, this server has not been configured. But when I expand the DNS server I have the forward lookup zones and reverse lookup zones just like the main server back at in fact it looks just like do I need to set up DNS?? I think so.

On another remote server the settings are:
When I left click on the DNS server the DNS seems to be installed and running. If I right click on the DNS, under the interface tab it says listen on its IP address; forwarders is set to our ISP DNS server IP addresses, not private IP addresses. Everything else seems to be set up exactly like the Paris server.

About reverse lookup zones: the main local server (Paris) has a folder with each of the remote IP zones (backwards) 10.0.10, 20.0.10, 30.0.10, etc. The remote servers show the IP zones for all the remote subnets but not backwards.

About DHCP: main computer has DHCP turned on; all remote servers have DHCP turned off and use DHCP relay back to the main server.
This is working.

November 21, 2011 at 08:20:23
"under forwarders tab, set to forward to router"

You should list your ISP's DNS servers here, not the gateway.

When you say internet is slow, exactly what is slow: internet access or AD name resolution? In other words, is getting to local shares/servers slow or is it just internet access that is slow?

Who set this up? Any documentation? Can you talk to this person? Does seem strange that you are getting a message on the remote servers that dns is not configured yet you see the forward/reverse lookup zones.

At the main site do you have multiple internet connections? One for connecting to sites and one for internet?

"this server has not been configured"
Sounds like a caching server perhaps, though I wouldn't expect that error.

At the main site in AD sites and services are the subnets for each site listed? They should be.

It is unclear if the remote sites are pointed to the internet or they are pointed to the main site to get internet.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's

November 21, 2011 at 10:39:51
Change forward tab to the ISP DNS servers, not the gateway. Okay, I'll give that a try. Internet is slow; many times it takes so long for the page to develop that it times out, or some busy pages like MSN will only show the text and not the pictures. No docs from the original admin; left on not so great terms with the owner. We only have one internet connection for all the sites. It's a managed router system. There's a router at the main site and all the remote sites and it's our only way out, across the WAN or the internet. I'll read up on caching servers tonight. I think that all the subnets are in AD Sites and Services; again I'll check for sure tonight but I'm 99 percent sure. How can I tell if the remote sites are pointed to the main site for internet?? Would that be in the remote DNS??? THANKS SO MUCH, I'M SO LOST. I'll reply again later tonight; right now I am unable to remote into the servers.

November 21, 2011 at 10:44:17
From a remote site PC you would do a tracert yahoo.com and post the results for review.

What is the bandwidth between the remotes and the main site?
What is the internet bandwidth at the main site?
Is the main site internet also slow?

November 22, 2011 at 13:59:52
So sorry for the delay. Last night, just after I had changed the forwarder tab to the ISP DNS and began to do the tracert command, our internet connection went down. We had a big storm in southern Arkansas last night. The connection has been going up and down all day as ATT tries different things. I can tell you that I did run the tracert command on one machine and it did find a way to yahoo.com but there were about 11 rows in the results that were just stars. Maybe dead end roads?? The last row was Yahoo though. Tomorrow if our connection is working correctly I'll send you the results. Also you asked this:
At the main site in AD sites and services are the subnets for each site listed? They should be.
Err, huh, no. Under Active Directory Sites and Services -> Sites -> Default-First-Site-Name -> Subnets, there's nothing. Under Active Directory Sites and Services -> Sites -> Default-First-Site-Name -> Servers, all the servers are listed along with their NTDS settings (most are marked for global catalog).
Also you asked:
what is the bandwidth between the remotes and the main site?
what is the internet bandwidth at the main site?
is the main site internet also slow?
Internet is slow everywhere. I'm not sure yet what our bandwidth is but it's shared throughout. We pay a company called Clear Access to be our internet provider. They provided the routers. It's all managed by them.
This tracert thing seems to be telling me something; looks like you're on the right track.

November 22, 2011 at 14:08:57
The stars indicate a router that is configured not to respond to the ICMP protocol, which the tracert uses.

I have multiple sites, each with its own subnet. In AD Sites and Services we list each site's subnet.

Once things have settled down, post the results of a tracert for review.

I would call Clear and ask them for a report on services, i.e. bandwidth between each site. Post that also.

November 23, 2011 at 16:53:55
Okay, I have tracert results from one remote computer:
First a little more info; maybe better to tell you too much than not enough. Remote users' computers have their own server at their location. Forwarder tabs have been changed to the ISP DNS servers. Remote server local area connection properties under TCP/IP are as so:
ip address
default gateway (their router)
preferred dns server (itself)
Setup is static.

Users' ipconfig /all shows the following:
ip address
default gateway (their router)
dns server (main office dns server)

tracert results:
1 <1ms
2 * * * * request timed out
3 * * * * request timed out
4 * * * * request timed out
5 * * * * request timed out
6 * * * * request timed out
7 * * * * request timed out
8 * * * * request timed out
9 * * * * request timed out
10 * * * * request timed out
11 * * * * request timed out
12 * * * * request timed out
13 * * * * request timed out
14 * * * * request timed out
15 * * * * request timed out
16 * * * * request timed out
17 99 ms 91 ms 98 ms ir1.fp.vip.sk1.yahoo.com []
I thought this was not good so I tried a change: changed user's primary DNS from (main office DNS) to
Got about the same results, only 3 fewer request timed out.

Got any ideas? Looks to me like once it reaches the router it takes about 15 wrong turns before finally finding Yahoo.

November 23, 2011 at 21:08:02
I am thinking your router/firewalls are blocking ICMP responses. Or your ISP is blocking ICMP. It is usual but annoying to see a few responses in stars but all of them? Not so common.

Does appear DNS configuration is correct from what you post.

nslookup of the main server from the remote site would be nice to see along with the bandwidth report.


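A way to read a trace like the one posted above, as an added example that is not part of the original thread: it parses Windows tracert rows and separates hops that stay silent from a path that does not work. The sample text is constructed in the standard tracert layout with placeholder addresses, and the function names are hypothetical.

```python
import re

# Constructed sample in Windows tracert layout, modelled on the thread's result
# (hop 1 answers, hops 2-16 time out, hop 17 is the target). The IP addresses
# are documentation-range placeholders, not values from the thread.
SAMPLE = "\n".join(
    ["  1    <1 ms    <1 ms    <1 ms  192.0.2.1"]
    + [f"{n:3d}     *        *        *     Request timed out." for n in range(2, 17)]
    + [" 17    99 ms    91 ms    98 ms  ir1.fp.vip.sk1.yahoo.com [203.0.113.10]"]
)

HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")   # hop number, then the rest of the row
RTT = re.compile(r"<?(\d+) ms")               # "99 ms" or "<1 ms"


def parse_tracert(text):
    """Return one (hop, [rtt_ms, ...], host_or_None) tuple per hop row."""
    hops = []
    for line in text.splitlines():
        m = HOP_LINE.match(line)
        if not m:
            continue  # banner, blank line, "Trace complete."
        rest = m.group(2)
        rtts = [int(v) for v in RTT.findall(rest)]
        # The host field is whatever follows the last "ms" column.
        host = rest.rsplit(" ms", 1)[1].strip() if rtts else None
        hops.append((int(m.group(1)), rtts, host or None))
    return hops


def summarize(hops):
    """Separate 'hops that stay silent' from 'path that does not work'."""
    silent = [n for n, rtts, _ in hops if not rtts]
    _, last_rtts, last_host = hops[-1]
    reached = bool(last_rtts)
    if reached:
        verdict = "path forwards traffic; silent hops are not answering the probes"
    else:
        verdict = "target not reached; trailing timeouts need a closer look"
    return {
        "silent_hops": silent,
        "reached": reached,
        "final_host": last_host,
        "final_avg_ms": sum(last_rtts) / len(last_rtts) if reached else None,
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(summarize(parse_tracert(SAMPLE)))
```

Because the final hop answers, the probes did cross every silent hop, so the round-trip time on the last row is the number to compare between sites.
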
November 25, 2011 at 11:28:33
nslookup command from remote user machine:
First attempt is by IP address:
server: ad040233001.ad.agprocompanies.com

name: ad040233001.ad.agprocompanies.com

Second attempt is by name:
nslookup ad040233001.ad.agprocompanies.com
server: ad040233001.ad.agprocompanies.com

dns request timed out.
timeout was 2 seconds
dns request timed out
timeout was 2 seconds
name: ad040233001.ad.agprocompaines.com

DNS request timed out?? Who?? Will try to have bandwidth test done this week.
