I seem to be having strange problems with my WS2008R2 Active Directory + DNS + DHCP + NAT configuration. It looks to be some sort of an issue between DNS, NAT and LDAP.

The first consequence is some sort of packet dropping problem. Every once in a while, the server (acting as default gateway) will drop packets and the command will return 'Destination host unreachable'. I have yet to figure out the cause. This seems unrelated to DNS.

C:\Users\Administrator>ping serverfault.com

Pinging serverfault.com [64.34.119.12] with 32 bytes of data:
Reply from 10.0.0.1: Destination host unreachable.
Reply from 64.34.119.12: bytes=32 time=113ms TTL=49
Request timed out.
Reply from 64.34.119.12: bytes=32 time=113ms TTL=49

C:\Users\Administrator>ping 74.125.79.105

Pinging 74.125.79.105 with 32 bytes of data:
Reply from 10.0.0.1: Destination host unreachable.
Reply from 74.125.79.105: bytes=32 time=39ms TTL=49
Reply from 74.125.79.105: bytes=32 time=37ms TTL=49

C:\Users\Administrator>ping 74.125.79.105

Pinging 74.125.79.105 with 32 bytes of data:
Reply from 74.125.79.105: bytes=32 time=36ms TTL=49
Reply from 74.125.79.105: bytes=32 time=36ms TTL=49

So the DNS resolves fine ... but then sometimes 10.0.0.1 drops packets .. just because? Happens intermittently. This was a test done on the server itself, but the clients exhibit pretty much the same behavior, except even DNS fails with them sometimes.

C:\Users\[user]>ping google.com
Ping request could not find host google.com. Please check the name and try again.

C:\Users\[user]>ping google.com

Pinging google.com [74.125.79.105] with 32 bytes of data:
Request timed out.
Reply from 74.125.79.105: bytes=32 time=37ms TTL=49
Reply from 74.125.79.105: bytes=32 time=36ms TTL=49

This will cause HTTP 404 errors, applications complaining about no internet connection, complaining about servers being offline, etc.

It's also reporting, for example

_ldap._tcp.Default-First-Site-Name._sites.[server].ad.[domain].net
No such name

Any help or tips would be very appreciated. :)

Update: Some server info.

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : [server]
   Primary Dns Suffix  . . . . . . . : ad.[domain].net
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : ad.[domain].net

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.12(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Linksys WMP600N Wireless-N PCI Adapter wi
th Dual-Band
   Physical Address. . . . . . . . . : 00-25-9C-FF-C1-FC
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 10.0.0.1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E
 Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-19-66-88-6A-1F
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 0.0.0.0
   DNS Servers . . . . . . . . . . . : 10.0.0.1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B84CD253-70D3-49E5-88F9-102C6B7FCEC0}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D7DFBDDF-7295-43E8-AAD4-4910D79202A9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\Administrator>route print
===========================================================================
Interface List
 26...........................RAS (Dial In) Interface
 15...00 25 9c ff c1 fc ......Linksys WMP600N Wireless-N PCI Adapter with Dual-Band
 11...00 19 66 88 6a 1f ......Realtek RTL8168C(P)/8111C(P) Family PCI-E GigabitEthernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         On-link          10.0.0.1    266
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100    276
         10.0.0.0    255.255.255.0         On-link          10.0.0.1    266
         10.0.0.1  255.255.255.255         On-link          10.0.0.1     11
        10.0.0.12  255.255.255.255         On-link         10.0.0.12    306
       10.0.0.255  255.255.255.255         On-link          10.0.0.1    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.1    266
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         10.0.0.12    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.1    266
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         10.0.0.12    306
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1     51 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

The routing shows two gateways; both are used for external connections (network destination 0.0.0.0). If one is not responding then the other one is used. That's why some random packets get dropped. Try to remove the default gateway from your wired interface (10.0.0.1); this way the routing should always use the other gateway. Otherwise, you could check the route from the client to 0.0.0.0 and the DNS servers on the client.
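
A check for the condition the answer describes, as an added example that is not part of the original question or answer: it parses `route print` output (rows copied from the question's table) and reports multiple default routes and any default route with no next hop. The function names `active_routes` and `default_route_findings` are hypothetical.

```python
import re

# Sample rows copied from the `route print` output in the question.
ROUTE_PRINT = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         On-link          10.0.0.1    266
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100    276
         10.0.0.0    255.255.255.0         On-link          10.0.0.1    266
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
          0.0.0.0          0.0.0.0      192.168.1.1  Default
"""

# destination, netmask, gateway (IP or "On-link"), interface IP, metric
ROW = re.compile(
    r"^\s*(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+(\S+)"
    r"\s+(\d+(?:\.\d+){3})\s+(\d+)\s*$")

def active_routes(text):
    """Return the rows of the IPv4 'Active Routes' table as dicts."""
    routes, in_active = [], False
    for line in text.splitlines():
        head = line.strip()
        if head.startswith("Active Routes:"):
            in_active = True
        elif head.startswith("Persistent Routes:"):
            in_active = False
        elif in_active:
            m = ROW.match(line)
            if m:
                dest, mask, gw, iface, metric = m.groups()
                routes.append({"dest": dest, "mask": mask, "gateway": gw,
                               "iface": iface, "metric": int(metric)})
    return routes

def default_route_findings(text):
    """Return (default routes sorted by metric, list of findings)."""
    defaults = sorted(
        (r for r in active_routes(text)
         if r["dest"] == "0.0.0.0" and r["mask"] == "0.0.0.0"),
        key=lambda r: r["metric"])
    findings = []
    if len(defaults) > 1:
        findings.append("%d default routes; lowest metric is on %s"
                        % (len(defaults), defaults[0]["iface"]))
    for r in defaults:
        if r["gateway"] == "On-link":
            findings.append("default route on %s has no next hop" % r["iface"])
    return defaults, findings
```

On the question's table this reports two default routes, with the lower-metric one (266) being the On-link entry on 10.0.0.1 that results from the `Default Gateway . . . : 0.0.0.0` setting on the wired adapter.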