LDAP and surfing

  • Thread starter Thread starter ki4zji
  • Start date Start date
K

ki4zji

Guest
Here's the problem...

One of our installations is having what appears to be intermittent
problems with internet surfing download speeds. We have replaced the
DSL modem and thoroughly tested all the associated LAN hardware. The
DSL provider has now responded saying:
"I have taken a further look and it seems that your server (LAN IP:
192.168.0.2) seems to be using something called "LDAP" which tries to
verify certain information before allowing your PC to bring up that
webpage. This LDAP in your server is not recognizing certain pages
correctly. I would suggest the following:"

The address x.x.x.2 is, in fact, our windows 2003 server, however I
fail to see how LDAP can interfere with web surfing.

Essentially, this server is isolated (through a NAT router with all
incoming ports closed) from the internet and there is very little risk
of a malware infection.

The clients on the network are using x.x.x.2 as their DNS server.

Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the
clients to see a slowdown in browsing?
 
Re: LDAP and surfing

Hello ki4zji,

What kind of network setup do you have, please describe more details, domain
or workgroup? What does have problem, server or client? Please post an unedited
ipconfig /all form your domai internal server and a client with problems.
If your LAN internal machines use the ISP's server this is a bad configuration.
But to help you, we need some more info about your network.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Here's the problem...
>
> One of our installations is having what appears to be intermittent
> problems with internet surfing download speeds. We have replaced the
> DSL modem and thoroughly tested all the associated LAN hardware. The
> DSL provider has now responded saying:
> "I have taken a further look and it seems that your server (LAN IP:
> 192.168.0.2) seems to be using something called "LDAP" which tries to
> verify certain information before allowing your PC to bring up that
> webpage. This LDAP in your server is not recognizing certain pages
> correctly. I would suggest the following:"
> The address x.x.x.2 is, in fact, our windows 2003 server, however I
> fail to see how LDAP can interfere with web surfing.
>
> Essentially, this server is isolated (through a NAT router with all
> incoming ports closed) from the internet and there is very little risk
> of a malware infection.
>
> The clients on the network are using x.x.x.2 as their DNS server.
>
> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the
> clients to see a slowdown in browsing?
>
 
Re: LDAP and surfing

On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello ki4zji,
>
> What kind of network setup do you have, please describe more details, domain
> or workgroup? What does have problem, server or client? Please post an unedited
> ipconfig /all form your domai internal server and a client with problems.
> If your LAN internal machines use the ISP's server this is a bad configuration.
> But to help you, we need some more info about your network.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > Here's the problem...
>
> > One of our installations is having what appears to be intermittent
> > problems with internet surfing download speeds.  We have replaced the
> > DSL modem and thoroughly tested all the associated LAN hardware.  The
> > DSL provider has now responded saying:
> > "I have taken a further look and it seems that your server (LAN IP:
> > 192.168.0.2) seems to be using something called "LDAP" which tries to
> > verify certain information before allowing your PC to bring up that
> > webpage. This LDAP in your server is not recognizing certain pages
> > correctly. I would suggest the following:"
> > The address x.x.x.2 is, in fact, our windows 2003 server, however I
> > fail to see how LDAP can interfere with web surfing.
>
> > Essentially, this server is isolated (through a NAT router with all
> > incoming ports closed) from the internet and there is very little risk
> > of a malware infection.
>
> > The clients on the network are using x.x.x.2 as their DNS server.
>
> > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the
> > clients to see a slowdown in browsing?

On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello ki4zji,
>
> What kind of network setup do you have, please describe more details, domain
> or workgroup? What does have problem, server or client? Please post an unedited
> ipconfig /all form your domai internal server and a client with problems.
> If your LAN internal machines use the ISP's server this is a bad configuration.
> But to help you, we need some more info about your network.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > Here's the problem...
>
> > One of our installations is having what appears to be intermittent
> > problems with internet surfing download speeds. We have replaced the
> > DSL modem and thoroughly tested all the associated LAN hardware. The
> > DSL provider has now responded saying:
> > "I have taken a further look and it seems that your server (LAN IP:
> > 192.168.0.2) seems to be using something called "LDAP" which tries to
> > verify certain information before allowing your PC to bring up that
> > webpage. This LDAP in your server is not recognizing certain pages
> > correctly. I would suggest the following:"
> > The address x.x.x.2 is, in fact, our windows 2003 server, however I
> > fail to see how LDAP can interfere with web surfing.
>
> > Essentially, this server is isolated (through a NAT router with all
> > incoming ports closed) from the internet and there is very little risk
> > of a malware infection.
>
> > The clients on the network are using x.x.x.2 as their DNS server.
>
> > Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause the
> > clients to see a slowdown in browsing?

Windows IP Configuration

Host Name . . . . . . . . . . . . : PMCC-S01
Primary Dns Suffix . . . . . . . : pettymachine.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : pettymachine.local

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : No
IP Address. . . . . . . . . . . . : 5.42.248.149
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 5.0.0.1
Lease Obtained. . . . . . . . . . : Monday, September 29, 2008
4:00:10 PM
Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009
4:00:10 PM


Ethernet adapter Server Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2
Primary WINS Server . . . . . . . : 192.168.2.107

DNS is configured on this server and is pointing to 208.67.222.222 /
208.67.220.220 / 192.168.0.2 as name servers.

This is from a windows 2003 PDC. There are four PC's connected to
this server which are members of the domain and three PC's which look
to this server for DNS resolution only. As you can see, we are using
OPEN DNS instead of our ISP's name server. The problem here appears
to be in bandwidth (slow surfing). While promising a 3.0/384
connection, DSL Reports' speed tests indicate a 561k / 306k
connection. If DNS were not correct, we would see DNS errors, not a
decrease in available bandwidth, correct?

The problem occurs anywhere on the network and appears to be random.
I did not capture information from a client machine as the problem is
on both client and server.

The ISP is making two claims:
1) there is some failure in LDAP causing the problem. I don't know,
hence me asking the question.
2) someone is downloading music from the server (.0.2). I am the only
one with access to the server, and I do not believe there to be any
malware on the server. Further, during one of the slowdowns, I ran a
netstat. There were only two connections to the internet and both
were related to 'LOGMEIN.COM', the tool I use for remote support.
This would never account for 2.5M of bandwidth.

Thanks
Randy
 
Re: LDAP and surfing

If it helps, the ISP has also provided a SYSLOG:
139:44:02 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
139:44:02 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC-
S01.pettymachine.local
139:46:33 Elapsed Time syslog: failed dns request
len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid
139:46:33 Elapsed Time syslog: failed dns request
len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid
139:48:28 Elapsed Time syslog: failed dns request
len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid
139:54:01 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
139:54:27 Elapsed Time syslog: failed dns request
len=73,srcip=208.67.222.222, url=PMCC-S01.pettymachine.local
139:54:28 Elapsed Time syslog: failed dns request
len=64,srcip=208.67.222.222, url=pettymachine.local
139:54:28 Elapsed Time syslog: failed dns request
len=64,srcip=208.67.220.220, url=pettymachine.local
139:54:28 Elapsed Time syslog: failed dns request
len=51,srcip=208.67.222.222, url=local
139:54:29 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=2.0.168.192.in-addr.arpa
139:54:30 Elapsed Time syslog: failed dns request
len=68,srcip=208.67.222.222, url=0.168.192.in-addr.arpa
139:54:30 Elapsed Time syslog: failed dns request
len=68,srcip=208.67.220.220, url=0.168.192.in-addr.arpa
139:59:02 Elapsed Time syslog: failed dns request
len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local
140:00:00 Elapsed Time -- MARK --
140:04:02 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
140:04:03 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC-
S01.pettymachine.local
140:09:02 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
140:10:14 Elapsed Time udhcpd: SENDING ACK to larry
140:10:14 Elapsed Time udhcpd: sending ACK to 192.168.0.100
140:10:14 Elapsed Time udhcpd: ADD 00:1e:90:39:c3:10 192.168.0.100
86400l larry
140:10:21 Elapsed Time syslog: failed dns request
len=89,srcip=208.67.222.222,
url=_ldap._tcp.dc._msdcs.domain_not_set.invalid
140:10:23 Elapsed Time syslog: failed dns request
len=89,srcip=208.67.222.222,
url=_ldap._tcp.dc._msdcs.domain_not_set.invalid
140:12:14 Elapsed Time udhcpd: SENDING ACK to larry
140:12:14 Elapsed Time udhcpd: sending ACK to 192.168.0.100
140:12:14 Elapsed Time udhcpd: ADD 00:1e:90:39:c3:10 192.168.0.100
86400l larry
140:18:06 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local
140:18:07 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.220.220, url=LINDA.pettymachine.local
140:19:01 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
140:19:01 Elapsed Time syslog: failed dns request
len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local
140:20:00 Elapsed Time -- MARK --
140:20:29 Elapsed Time syslog: failed dns request
len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid
140:21:53 Elapsed Time syslog: failed dns request
len=69,srcip=208.67.222.222, url=wpad.pettymachine.local
140:24:01 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
140:26:15 Elapsed Time syslog: failed dns request
len=50,srcip=208.67.222.222, url=wpad
140:38:06 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local
140:39:01 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
140:39:03 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
140:39:03 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.220.220, url=_ldap._tcp.PMCC-
S01.pettymachine.local
140:39:03 Elapsed Time syslog: failed dns request
len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local
140:40:00 Elapsed Time -- MARK --
140:41:49 Elapsed Time syslog: failed dns request
len=50,srcip=208.67.222.222, url=wpad
140:52:30 Elapsed Time syslog: failed dns request
len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid
140:54:32 Elapsed Time syslog: failed dns request
len=73,srcip=208.67.222.222, url=PMCC-S01.pettymachine.local
140:54:32 Elapsed Time syslog: failed dns request
len=73,srcip=208.67.220.220, url=PMCC-S01.pettymachine.local
140:54:32 Elapsed Time syslog: failed dns request
len=64,srcip=208.67.222.222, url=pettymachine.local
140:54:32 Elapsed Time syslog: failed dns request
len=51,srcip=208.67.222.222, url=local
140:54:32 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=2.0.168.192.in-addr.arpa
140:54:32 Elapsed Time syslog: failed dns request
len=68,srcip=208.67.222.222, url=0.168.192.in-addr.arpa
140:56:08 Elapsed Time syslog: failed dns request
len=148,srcip=4.2.2.2, url=wpad.domain_not_set.invalid
140:57:50 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local
140:59:01 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
140:59:01 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
140:59:01 Elapsed Time syslog: failed dns request
len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local
141:00:00 Elapsed Time -- MARK --
141:12:59 Elapsed Time syslog: failed dns request
len=50,srcip=208.67.222.222, url=wpad
141:14:01 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
141:14:01 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
141:14:01 Elapsed Time syslog: failed dns request
len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local
141:15:35 Elapsed Time syslog: failed dns request
len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid
141:15:36 Elapsed Time syslog: failed dns request
len=148,srcip=65.5.144.2, url=wpad.domain_not_set.invalid
141:20:00 Elapsed Time -- MARK --
141:20:52 Elapsed Time syslog: failed dns request
len=69,srcip=208.67.222.222, url=wpad.pettymachine.local
141:24:31 Elapsed Time syslog: failed dns request
len=149,srcip=64.16.224.100, url=LINDA.domain_not_set.invalid
141:28:34 Elapsed Time syslog: failed dns request
len=50,srcip=208.67.222.222, url=wpad
141:28:39 Elapsed Time syslog: failed dns request
len=69,srcip=208.67.222.222, url=wpad.pettymachine.local
141:28:53 Elapsed Time syslog: failed dns request
len=151,srcip=4.2.2.2, url=Flowboy.domain_not_set.invalid
141:29:01 Elapsed Time syslog: failed dns request
len=115,srcip=208.67.222.222, url=_ldap._tcp.Default-First-Site-
Name._sites.PMCC-S01.pettymac
141:29:01 Elapsed Time syslog: failed dns request
len=84,srcip=208.67.222.222, url=_ldap._tcp.PMCC-
S01.pettymachine.local
141:29:02 Elapsed Time syslog: failed dns request
len=77,srcip=208.67.222.222, url=PETTYMACHINE.pettymachine.local
141:29:06 Elapsed Time syslog: failed dns request
len=153,srcip=4.2.2.2, url=Cadserver.domain_not_set.invalid
141:31:41 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=LINDA.pettymachine.local
141:31:41 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.220.220, url=LINDA.pettymachine.local
141:32:00 Elapsed Time syslog: failed dns request
len=71,srcip=208.67.222.222, url=25.206.253.5.in-addr.arpa
141:32:06 Elapsed Time syslog: failed dns request
len=71,srcip=208.67.222.222, url=25.0.168.192.in-addr.arpa
141:32:06 Elapsed Time syslog: failed dns request
len=71,srcip=208.67.220.220, url=25.0.168.192.in-addr.arpa
141:32:11 Elapsed Time syslog: failed dns request
len=72,srcip=208.67.222.222, url=102.0.168.192.in-addr.arpa
141:32:15 Elapsed Time syslog: failed dns request
len=72,srcip=208.67.222.222, url=103.0.168.192.in-addr.arpa
141:32:21 Elapsed Time syslog: failed dns request
len=72,srcip=208.67.222.222, url=104.0.168.192.in-addr.arpa
141:32:21 Elapsed Time syslog: failed dns request
len=72,srcip=208.67.220.220, url=104.0.168.192.in-addr.arpa
141:32:26 Elapsed Time syslog: failed dns request
len=72,srcip=208.67.222.222, url=106.0.168.192.in-addr.arpa
141:32:32 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=105.18.9.76.in-addr.arpa
141:32:38 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.222.222, url=61.124.5.72.in-addr.arpa
141:32:38 Elapsed Time syslog: failed dns request
len=70,srcip=208.67.220.220, url=61.124.5.72.in-addr.arpa


Thanks
Randy
 
Re: LDAP and surfing

Hello ki4zji,

The DC is multihomed, which is a really bad decision for DC's. Or for what
is the 5.42.248.149 obtained from a DHCP server?

Also, if you have configured the 208.67.222.222 / 208.67.220.220, where did
you set them, i can not see them on the output from ipconfig /all?

A DC have the need for an internal DNS server, externals only for name resolution.
If DNS is not correct configured it can also slow down the network and create
other strange problems. Even if your bandwith is not that much, shouldn't
be a big problem with correct DNS settings.

What ip configuration does your clients have, please post an unedited ipconfig
/all from one of them.

The LDAP entries in the logfile seems for me to come because your server
and also the clients, i assume, have DNS configuration mismatches.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
>> Hello ki4zji,
>>
>> What kind of network setup do you have, please describe more details,
>> domain
>> or workgroup? What does have problem, server or client? Please post
>> an unedited
>> ipconfig /all form your domai internal server and a client with
>> problems.
>> If your LAN internal machines use the ISP's server this is a bad
>> configuration.
>> But to help you, we need some more info about your network.
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Here's the problem...
>>>
>>> One of our installations is having what appears to be intermittent
>>> problems with internet surfing download speeds. We have replaced
>>> the
>>> DSL modem and thoroughly tested all the associated LAN hardware.
>>> The
>>> DSL provider has now responded saying:
>>> "I have taken a further look and it seems that your server (LAN IP:
>>> 192.168.0.2) seems to be using something called "LDAP" which tries
>>> to
>>> verify certain information before allowing your PC to bring up that
>>> webpage. This LDAP in your server is not recognizing certain pages
>>> correctly. I would suggest the following:"
>>> The address x.x.x.2 is, in fact, our windows 2003 server, however I
>>> fail to see how LDAP can interfere with web surfing.
>>> Essentially, this server is isolated (through a NAT router with all
>>> incoming ports closed) from the internet and there is very little
>>> risk of a malware infection.
>>>
>>> The clients on the network are using x.x.x.2 as their DNS server.
>>>
>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
>>> the clients to see a slowdown in browsing?
>>>
> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
>> Hello ki4zji,
>>
>> What kind of network setup do you have, please describe more details,
>> domain
>> or workgroup? What does have problem, server or client? Please post
>> an unedited
>> ipconfig /all form your domai internal server and a client with
>> problems.
>> If your LAN internal machines use the ISP's server this is a bad
>> configuration.
>> But to help you, we need some more info about your network.
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Here's the problem...
>>>
>>> One of our installations is having what appears to be intermittent
>>> problems with internet surfing download speeds. We have replaced
>>> the
>>> DSL modem and thoroughly tested all the associated LAN hardware.
>>> The
>>> DSL provider has now responded saying:
>>> "I have taken a further look and it seems that your server (LAN IP:
>>> 192.168.0.2) seems to be using something called "LDAP" which tries
>>> to
>>> verify certain information before allowing your PC to bring up that
>>> webpage. This LDAP in your server is not recognizing certain pages
>>> correctly. I would suggest the following:"
>>> The address x.x.x.2 is, in fact, our windows 2003 server, however I
>>> fail to see how LDAP can interfere with web surfing.
>>> Essentially, this server is isolated (through a NAT router with all
>>> incoming ports closed) from the internet and there is very little
>>> risk of a malware infection.
>>>
>>> The clients on the network are using x.x.x.2 as their DNS server.
>>>
>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
>>> the clients to see a slowdown in browsing?
>>>
> Windows IP Configuration
>
> Host Name . . . . . . . . . . . . : PMCC-S01
> Primary Dns Suffix . . . . . . . : pettymachine.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : pettymachine.local
> Ethernet adapter Hamachi:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Hamachi Network Interface
> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95
> DHCP Enabled. . . . . . . . . . . : Yes
> Autoconfiguration Enabled . . . . : No
> IP Address. . . . . . . . . . . . : 5.42.248.149
> Subnet Mask . . . . . . . . . . . : 255.0.0.0
> Default Gateway . . . . . . . . . :
> DHCP Server . . . . . . . . . . . : 5.0.0.1
> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008
> 4:00:10 PM
> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009
> 4:00:10 PM
> Ethernet adapter Server Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> Ethernet
> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.0.2
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.0.1
> DNS Servers . . . . . . . . . . . : 192.168.0.2
> Primary WINS Server . . . . . . . : 192.168.2.107
> DNS is configured on this server and is pointing to 208.67.222.222 /
> 208.67.220.220 / 192.168.0.2 as name servers.
>
> This is from a windows 2003 PDC. There are four PC's connected to
> this server which are members of the domain and three PC's which look
> to this server for DNS resolution only. As you can see, we are using
> OPEN DNS instead of our ISP's name server. The problem here appears
> to be in bandwidth (slow surfing). While promising a 3.0/384
> connection, DSL Reports' speed tests indicate a 561k / 306k
> connection. If DNS were not correct, we would see DNS errors, not a
> decrease in available bandwidth, correct?
>
> The problem occurs anywhere on the network and appears to be random. I
> did not capture information from a client machine as the problem is on
> both client and server.
>
> The ISP is making two claims:
> 1) there is some failure in LDAP causing the problem. I don't know,
> hence me asking the question.
> 2) someone is downloading music from the server (.0.2). I am the only
> one with access to the server, and I do not believe there to be any
> malware on the server. Further, during one of the slowdowns, I ran a
> netstat. There were only two connections to the internet and both
> were related to 'LOGMEIN.COM', the tool I use for remote support.
> This would never account for 2.5M of bandwidth.
> Thanks
> Randy
 
Re: LDAP and surfing

On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello ki4zji,
>
> The DC is multihomed, which is a really bad decision for DC's. Or for what
> is the 5.42.248.149 obtained from a DHCP server?
>
> Also, if you have configured the 208.67.222.222 / 208.67.220.220, where did
> you set them, i can not see them on the output from ipconfig /all?
>
> A DC have the need for an internal DNS server, externals only for name resolution.
> If DNS is not correct configured it can also slow down the network and create
> other strange problems. Even if your bandwith is not that much, shouldn't
> be a big problem with correct DNS settings.
>
> What ip configuration does your clients have, please post an unedited ipconfig
> /all from one of them.
>
> The LDAP entries in the logfile seems for me to come because your server
> and also the clients, i assume, have DNS configuration mismatches.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >> Hello ki4zji,
>
> >> What kind of network setup do you have, please describe more details,
> >> domain
> >> or workgroup? What does have problem, server or client? Please post
> >> an unedited
> >> ipconfig /all form your domai internal server and a client with
> >> problems.
> >> If your LAN internal machines use the ISP's server this is a bad
> >> configuration.
> >> But to help you, we need some more info about your network.
> >> Best regards
>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Here's the problem...
>
> >>> One of our installations is having what appears to be intermittent
> >>> problems with internet surfing download speeds.  We have replaced
> >>> the
> >>> DSL modem and thoroughly tested all the associated LAN hardware.
> >>> The
> >>> DSL provider has now responded saying:
> >>> "I have taken a further look and it seems that your server (LAN IP:
> >>> 192.168.0.2) seems to be using something called "LDAP" which tries
> >>> to
> >>> verify certain information before allowing your PC to bring up that
> >>> webpage. This LDAP in your server is not recognizing certain pages
> >>> correctly. I would suggest the following:"
> >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I
> >>> fail to see how LDAP can interfere with web surfing.
> >>> Essentially, this server is isolated (through a NAT router with all
> >>> incoming ports closed) from the internet and there is very little
> >>> risk of a malware infection.
>
> >>> The clients on the network are using x.x.x.2 as their DNS server.
>
> >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
> >>> the clients to see a slowdown in browsing?
>
> > On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >> Hello ki4zji,
>
> >> What kind of network setup do you have, please describe more details,
> >> domain
> >> or workgroup? What does have problem, server or client? Please post
> >> an unedited
> >> ipconfig /all form your domai internal server and a client with
> >> problems.
> >> If your LAN internal machines use the ISP's server this is a bad
> >> configuration.
> >> But to help you, we need some more info about your network.
> >> Best regards
>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> Here's the problem...
>
> >>> One of our installations is having what appears to be intermittent
> >>> problems with internet surfing download speeds.  We have replaced
> >>> the
> >>> DSL modem and thoroughly tested all the associated LAN hardware.
> >>> The
> >>> DSL provider has now responded saying:
> >>> "I have taken a further look and it seems that your server (LAN IP:
> >>> 192.168.0.2) seems to be using something called "LDAP" which tries
> >>> to
> >>> verify certain information before allowing your PC to bring up that
> >>> webpage. This LDAP in your server is not recognizing certain pages
> >>> correctly. I would suggest the following:"
> >>> The address x.x.x.2 is, in fact, our windows 2003 server, however I
> >>> fail to see how LDAP can interfere with web surfing.
> >>> Essentially, this server is isolated (through a NAT router with all
> >>> incoming ports closed) from the internet and there is very little
> >>> risk of a malware infection.
>
> >>> The clients on the network are using x.x.x.2 as their DNS server.
>
> >>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
> >>> the clients to see a slowdown in browsing?
>
> > Windows IP Configuration
>
> > Host Name . . . . . . . . . . . . : PMCC-S01
> > Primary Dns Suffix  . . . . . . . : pettymachine.local
> > Node Type . . . . . . . . . . . . : Hybrid
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > DNS Suffix Search List. . . . . . : pettymachine.local
> > Ethernet adapter Hamachi:
>
> > Connection-specific DNS Suffix  . :
> > Description . . . . . . . . . . . : Hamachi Network Interface
> > Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95
> > DHCP Enabled. . . . . . . . . . . : Yes
> > Autoconfiguration Enabled . . . . : No
> > IP Address. . . . . . . . . . . . : 5.42.248.149
> > Subnet Mask . . . . . . . . . . . : 255.0.0.0
> > Default Gateway . . . . . . . . . :
> > DHCP Server . . . . . . . . . . . : 5.0.0.1
> > Lease Obtained. . . . . . . . . . : Monday, September 29, 2008
> > 4:00:10 PM
> > Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009
> > 4:00:10 PM
> > Ethernet adapter Server Local Area Connection:
>
> > Connection-specific DNS Suffix  . :
> > Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> > Ethernet
> > Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.0.2
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.0.1
> > DNS Servers . . . . . . . . . . . : 192.168.0.2
> > Primary WINS Server . . . . . . . : 192.168.2.107
> > DNS is configured on this server and is pointing to 208.67.222.222 /
> > 208.67.220.220 / 192.168.0.2 as name servers.
>
> > This is from a windows 2003 PDC.  There are four PC's connected to
> > this server which are members of the domain and three PC's which look
> > to this server for DNS resolution only.  As you can see, we are using
> > OPEN DNS instead of our ISP's name server.  The problem here appears
> > to be in bandwidth (slow surfing).  While promising a 3.0/384
> > connection, DSL Reports' speed tests indicate a 561k / 306k
> > connection.  If DNS were not correct, we would see DNS errors, not a
> > decrease in available bandwidth, correct?
>
> > The problem occurs anywhere on the network and appears to be random. I
> > did not capture information from a client machine as the problem is on
> > both client and server.
>
> > The ISP is making two claims:
> > 1) there is some failure in LDAP causing the problem.  I don't know,
> > hence me asking the question.
> > 2) someone is downloading music from the server (.0.2).  I am the only
> > one with access to the server, and I do not believe there to be any
> > malware on the server.  Further, during one of the slowdowns, I ran a
> > netstat.  There were only two connections to the internet and both
> > were related to 'LOGMEIN.COM', the tool I use for remote support.
> > This would never account for 2.5M of bandwidth.
> > Thanks
> > Randy

the 5. address is a hamachi vpn address. It is only active
occasionally for support purposes. During this particular problem, it
is not active.

here is an IPCONFIG /ALL from one of the client PC's:
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : LINDA
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/100 Network
Connection
Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.25
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2
Primary WINS Server . . . . . . . : 192.168.0.1



The addresses for the OPEN DNS servers are entered in accordance with
the instructions at: https://www.opendns.com/smb/start/device/windows-server-2003.
In other words, these servers are included as 'FORWARDERS'.

Also, this configuration has worked for some time and has only failed
recently. My suspicion is that there is some failure on the ISP's end
and they do not want to admit it. However, I just want to make sure
that LDAP cannot cause such a slowdown.
 
Re: LDAP and surfing

Hello ki4zji,

You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it
there.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
>> Hello ki4zji,
>>
>> The DC is multihomed, which is a really bad decision for DC's. Or for
>> what is the 5.42.248.149 obtained from a DHCP server?
>>
>> Also, if you have configured the 208.67.222.222 / 208.67.220.220,
>> where did you set them, i can not see them on the output from
>> ipconfig /all?
>>
>> A DC have the need for an internal DNS server, externals only for
>> name resolution.
>> If DNS is not correct configured it can also slow down the network
>> and create
>> other strange problems. Even if your bandwith is not that much,
>> shouldn't
>> be a big problem with correct DNS settings.
>> What ip configuration does your clients have, please post an unedited
>> ipconfig /all from one of them.
>>
>> The LDAP entries in the logfile seems for me to come because your
>> server and also the clients, i assume, have DNS configuration
>> mismatches.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>>>
>>>> Hello ki4zji,
>>>>
>>>> What kind of network setup do you have, please describe more
>>>> details,
>>>> domain
>>>> or workgroup? What does have problem, server or client? Please post
>>>> an unedited
>>>> ipconfig /all form your domai internal server and a client with
>>>> problems.
>>>> If your LAN internal machines use the ISP's server this is a bad
>>>> configuration.
>>>> But to help you, we need some more info about your network.
>>>> Best regards
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Here's the problem...
>>>>>
>>>>> One of our installations is having what appears to be intermittent
>>>>> problems with internet surfing download speeds. We have replaced
>>>>> the
>>>>> DSL modem and thoroughly tested all the associated LAN hardware.
>>>>> The
>>>>> DSL provider has now responded saying:
>>>>> "I have taken a further look and it seems that your server (LAN
>>>>> IP:
>>>>> 192.168.0.2) seems to be using something called "LDAP" which tries
>>>>> to
>>>>> verify certain information before allowing your PC to bring up
>>>>> that
>>>>> webpage. This LDAP in your server is not recognizing certain pages
>>>>> correctly. I would suggest the following:"
>>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however
>>>>> I
>>>>> fail to see how LDAP can interfere with web surfing.
>>>>> Essentially, this server is isolated (through a NAT router with
>>>>> all
>>>>> incoming ports closed) from the internet and there is very little
>>>>> risk of a malware infection.
>>>>> The clients on the network are using x.x.x.2 as their DNS server.
>>>>>
>>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
>>>>> the clients to see a slowdown in browsing?
>>>>>
>>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>>>
>>>> Hello ki4zji,
>>>>
>>>> What kind of network setup do you have, please describe more
>>>> details,
>>>> domain
>>>> or workgroup? What does have problem, server or client? Please post
>>>> an unedited
>>>> ipconfig /all form your domai internal server and a client with
>>>> problems.
>>>> If your LAN internal machines use the ISP's server this is a bad
>>>> configuration.
>>>> But to help you, we need some more info about your network.
>>>> Best regards
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Here's the problem...
>>>>>
>>>>> One of our installations is having what appears to be intermittent
>>>>> problems with internet surfing download speeds. We have replaced
>>>>> the
>>>>> DSL modem and thoroughly tested all the associated LAN hardware.
>>>>> The
>>>>> DSL provider has now responded saying:
>>>>> "I have taken a further look and it seems that your server (LAN
>>>>> IP:
>>>>> 192.168.0.2) seems to be using something called "LDAP" which tries
>>>>> to
>>>>> verify certain information before allowing your PC to bring up
>>>>> that
>>>>> webpage. This LDAP in your server is not recognizing certain pages
>>>>> correctly. I would suggest the following:"
>>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however
>>>>> I
>>>>> fail to see how LDAP can interfere with web surfing.
>>>>> Essentially, this server is isolated (through a NAT router with
>>>>> all
>>>>> incoming ports closed) from the internet and there is very little
>>>>> risk of a malware infection.
>>>>> The clients on the network are using x.x.x.2 as their DNS server.
>>>>>
>>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
>>>>> the clients to see a slowdown in browsing?
>>>>>
>>> Windows IP Configuration
>>>
>>> Host Name . . . . . . . . . . . . : PMCC-S01
>>> Primary Dns Suffix . . . . . . . : pettymachine.local
>>> Node Type . . . . . . . . . . . . : Hybrid
>>> IP Routing Enabled. . . . . . . . : No
>>> WINS Proxy Enabled. . . . . . . . : No
>>> DNS Suffix Search List. . . . . . : pettymachine.local
>>> Ethernet adapter Hamachi:
>>> Connection-specific DNS Suffix . :
>>> Description . . . . . . . . . . . : Hamachi Network Interface
>>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95
>>> DHCP Enabled. . . . . . . . . . . : Yes
>>> Autoconfiguration Enabled . . . . : No
>>> IP Address. . . . . . . . . . . . : 5.42.248.149
>>> Subnet Mask . . . . . . . . . . . : 255.0.0.0
>>> Default Gateway . . . . . . . . . :
>>> DHCP Server . . . . . . . . . . . : 5.0.0.1
>>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008
>>> 4:00:10 PM
>>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009
>>> 4:00:10 PM
>>> Ethernet adapter Server Local Area Connection:
>>> Connection-specific DNS Suffix . :
>>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
>>> Ethernet
>>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8
>>> DHCP Enabled. . . . . . . . . . . : No
>>> IP Address. . . . . . . . . . . . : 192.168.0.2
>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>>> Default Gateway . . . . . . . . . : 192.168.0.1
>>> DNS Servers . . . . . . . . . . . : 192.168.0.2
>>> Primary WINS Server . . . . . . . : 192.168.2.107
>>> DNS is configured on this server and is pointing to 208.67.222.222 /
>>> 208.67.220.220 / 192.168.0.2 as name servers.
>>> This is from a windows 2003 PDC. There are four PC's connected to
>>> this server which are members of the domain and three PC's which
>>> look to this server for DNS resolution only. As you can see, we are
>>> using OPEN DNS instead of our ISP's name server. The problem here
>>> appears to be in bandwidth (slow surfing). While promising a
>>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k
>>> connection. If DNS were not correct, we would see DNS errors, not a
>>> decrease in available bandwidth, correct?
>>>
>>> The problem occurs anywhere on the network and appears to be random.
>>> I did not capture information from a client machine as the problem
>>> is on both client and server.
>>>
>>> The ISP is making two claims:
>>> 1) there is some failure in LDAP causing the problem. I don't know,
>>> hence me asking the question.
>>> 2) someone is downloading music from the server (.0.2). I am the
>>> only
>>> one with access to the server, and I do not believe there to be any
>>> malware on the server. Further, during one of the slowdowns, I ran
>>> a
>>> netstat. There were only two connections to the internet and both
>>> were related to 'LOGMEIN.COM', the tool I use for remote support.
>>> This would never account for 2.5M of bandwidth.
>>> Thanks
>>> Randy
> the 5. address is a hamachi vpn address. It is only active
> occasionally for support purposes. During this particular problem, it
> is not active.
>
> here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP
> Configuration
>
> Host Name . . . . . . . . . . . . : LINDA
> Primary DNS Suffix . . . . . . . :
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Intel(R) PRO/100 Network
> Connection
> Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.0.25
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.0.1
> DNS Servers . . . . . . . . . . . : 192.168.0.2
> Primary WINS Server . . . . . . . : 192.168.0.1
> The addresses for the OPEN DNS servers are entered in accordance with
> the instructions at:
> https://www.opendns.com/smb/start/device/windows-server-2003.
> In other words, these servers are included as 'FORWARDERS'.
> Also, this configuration has worked for some time and has only failed
> recently. My suspicion is that there is some failure on the ISP's end
> and they do not want to admit it. However, I just want to make sure
> that LDAP cannot cause such a slowdown.
>
 
Re: LDAP and surfing

On Sep 29, 5:50 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello ki4zji,
>
> You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it
> there.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >> Hello ki4zji,
>
> >> The DC is multihomed, which is a really bad decision for DC's. Or for
> >> what is the 5.42.248.149 obtained from a DHCP server?
>
> >> Also, if you have configured the 208.67.222.222 / 208.67.220.220,
> >> where did you set them, i can not see them on the output from
> >> ipconfig /all?
>
> >> A DC have the need for an internal DNS server, externals only for
> >> name resolution.
> >> If DNS is not correct configured it can also slow down the network
> >> and create
> >> other strange problems. Even if your bandwith is not that much,
> >> shouldn't
> >> be a big problem with correct DNS settings.
> >> What ip configuration does your clients have, please post an unedited
> >> ipconfig /all from one of them.
>
> >> The LDAP entries in the logfile seems for me to come because your
> >> server and also the clients, i assume, have DNS configuration
> >> mismatches.
>
> >> Best regards
>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >> ** Please do NOT email, only reply to Newsgroups
> >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >>>> Hello ki4zji,
>
> >>>> What kind of network setup do you have, please describe more
> >>>> details,
> >>>> domain
> >>>> or workgroup? What does have problem, server or client? Please post
> >>>> an unedited
> >>>> ipconfig /all form your domai internal server and a client with
> >>>> problems.
> >>>> If your LAN internal machines use the ISP's server this is a bad
> >>>> configuration.
> >>>> But to help you, we need some more info about your network.
> >>>> Best regards
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>>> confers
> >>>> no rights.
> >>>> ** Please do NOT email, only reply to Newsgroups
> >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>> Here's the problem...
>
> >>>>> One of our installations is having what appears to be intermittent
> >>>>> problems with internet surfing download speeds.  We have replaced
> >>>>> the
> >>>>> DSL modem and thoroughly tested all the associated LAN hardware.
> >>>>> The
> >>>>> DSL provider has now responded saying:
> >>>>> "I have taken a further look and it seems that your server (LAN
> >>>>> IP:
> >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries
> >>>>> to
> >>>>> verify certain information before allowing your PC to bring up
> >>>>> that
> >>>>> webpage. This LDAP in your server is not recognizing certain pages
> >>>>> correctly. I would suggest the following:"
> >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however
> >>>>> I
> >>>>> fail to see how LDAP can interfere with web surfing.
> >>>>> Essentially, this server is isolated (through a NAT router with
> >>>>> all
> >>>>> incoming ports closed) from the internet and there is very little
> >>>>> risk of a malware infection.
> >>>>> The clients on the network are using x.x.x.2 as their DNS server.
>
> >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
> >>>>> the clients to see a slowdown in browsing?
>
> >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >>>> Hello ki4zji,
>
> >>>> What kind of network setup do you have, please describe more
> >>>> details,
> >>>> domain
> >>>> or workgroup? What does have problem, server or client? Please post
> >>>> an unedited
> >>>> ipconfig /all form your domai internal server and a client with
> >>>> problems.
> >>>> If your LAN internal machines use the ISP's server this is a bad
> >>>> configuration.
> >>>> But to help you, we need some more info about your network.
> >>>> Best regards
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>>> confers
> >>>> no rights.
> >>>> ** Please do NOT email, only reply to Newsgroups
> >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> >>>>> Here's the problem...
>
> >>>>> One of our installations is having what appears to be intermittent
> >>>>> problems with internet surfing download speeds.  We have replaced
> >>>>> the
> >>>>> DSL modem and thoroughly tested all the associated LAN hardware.
> >>>>> The
> >>>>> DSL provider has now responded saying:
> >>>>> "I have taken a further look and it seems that your server (LAN
> >>>>> IP:
> >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries
> >>>>> to
> >>>>> verify certain information before allowing your PC to bring up
> >>>>> that
> >>>>> webpage. This LDAP in your server is not recognizing certain pages
> >>>>> correctly. I would suggest the following:"
> >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however
> >>>>> I
> >>>>> fail to see how LDAP can interfere with web surfing.
> >>>>> Essentially, this server is isolated (through a NAT router with
> >>>>> all
> >>>>> incoming ports closed) from the internet and there is very little
> >>>>> risk of a malware infection.
> >>>>> The clients on the network are using x.x.x.2 as their DNS server.
>
> >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
> >>>>> the clients to see a slowdown in browsing?
>
> >>> Windows IP Configuration
>
> >>> Host Name . . . . . . . . . . . . : PMCC-S01
> >>> Primary Dns Suffix  . . . . . . . : pettymachine.local
> >>> Node Type . . . . . . . . . . . . : Hybrid
> >>> IP Routing Enabled. . . . . . . . : No
> >>> WINS Proxy Enabled. . . . . . . . : No
> >>> DNS Suffix Search List. . . . . . : pettymachine.local
> >>> Ethernet adapter Hamachi:
> >>> Connection-specific DNS Suffix  . :
> >>> Description . . . . . . . . . . . : Hamachi Network Interface
> >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95
> >>> DHCP Enabled. . . . . . . . . . . : Yes
> >>> Autoconfiguration Enabled . . . . : No
> >>> IP Address. . . . . . . . . . . . : 5.42.248.149
> >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0
> >>> Default Gateway . . . . . . . . . :
> >>> DHCP Server . . . . . . . . . . . : 5.0.0.1
> >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008
> >>> 4:00:10 PM
> >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009
> >>> 4:00:10 PM
> >>> Ethernet adapter Server Local Area Connection:
> >>> Connection-specific DNS Suffix  . :
> >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> >>> Ethernet
> >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8
> >>> DHCP Enabled. . . . . . . . . . . : No
> >>> IP Address. . . . . . . . . . . . : 192.168.0.2
> >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> >>> Default Gateway . . . . . . . . . : 192.168.0.1
> >>> DNS Servers . . . . . . . . . . . : 192.168.0.2
> >>> Primary WINS Server . . . . . . . : 192.168.2.107
> >>> DNS is configured on this server and is pointing to 208.67.222.222 /
> >>> 208.67.220.220 / 192.168.0.2 as name servers.
> >>> This is from a windows 2003 PDC.  There are four PC's connected to
> >>> this server which are members of the domain and three PC's which
> >>> look to this server for DNS resolution only.  As you can see, we are
> >>> using OPEN DNS instead of our ISP's name server.  The problem here
> >>> appears to be in bandwidth (slow surfing).  While promising a
> >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k
> >>> connection.  If DNS were not correct, we would see DNS errors, not a
> >>> decrease in available bandwidth, correct?
>
> >>> The problem occurs anywhere on the network and appears to be random.
> >>> I did not capture information from a client machine as the problem
> >>> is on both client and server.
>
> >>> The ISP is making two claims:
> >>> 1) there is some failure in LDAP causing the problem.  I don't know,
> >>> hence me asking the question.
> >>> 2) someone is downloading music from the server (.0.2).  I am the
> >>> only
> >>> one with access to the server, and I do not believe there to be any
> >>> malware on the server.  Further, during one of the slowdowns, I ran
> >>> a
> >>> netstat.  There were only two connections to the internet and both
> >>> were related to 'LOGMEIN.COM', the tool I use for remote support.
> >>> This would never account for 2.5M of bandwidth.
> >>> Thanks
> >>> Randy
> > the 5. address is a hamachi vpn address.  It is only active
> > occasionally for support purposes.  During this particular problem, it
> > is not active.
>
> > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP
> > Configuration
>
> > Host Name . . . . . . . . . . . . : LINDA
> > Primary DNS Suffix  . . . . . . . :
> > Node Type . . . . . . . . . . . . : Hybrid
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > Ethernet adapter Local Area Connection:
>
> > Connection-specific DNS Suffix  . :
> > Description . . . . . . . . . . . : Intel(R) PRO/100 Network
> > Connection
> > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.0.25
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.0.1
> > DNS Servers . . . . . . . . . . . : 192.168.0.2
> > Primary WINS Server . . . . . . . : 192.168.0.1
> > The addresses for the OPEN DNS servers are entered in accordance with
> > the instructions at:
> >https://www.opendns.com/smb/start/device/windows-server-2003.
> > In other words, these servers are included as 'FORWARDERS'.
> > Also, this configuration has worked for some time and has only failed
> > recently.  My suspicion is that there is some failure on the ISP's end
> > and they do not want to admit it.  However, I just want to make sure
> > that LDAP cannot cause such a slowdown.

my apologies ... x.x.x.2 is not included in the forwarders tab.
 
Re: LDAP and surfing

From the ipconfig from the client, I can see you are missing a primary dns
suffix.


"ki4zji" wrote:

> On Sep 29, 5:50 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> > Hello ki4zji,
> >
> > You wrote the 192.168.x.x is a lso added to the forwarders tab? Remove it
> > there.
> >
> > Best regards
> >
> > Meinolf Weber
> > Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> > no rights.
> > ** Please do NOT email, only reply to Newsgroups
> > ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> >
> > > On Sep 29, 5:13 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> >
> > >> Hello ki4zji,
> >
> > >> The DC is multihomed, which is a really bad decision for DC's. Or for
> > >> what is the 5.42.248.149 obtained from a DHCP server?
> >
> > >> Also, if you have configured the 208.67.222.222 / 208.67.220.220,
> > >> where did you set them, i can not see them on the output from
> > >> ipconfig /all?
> >
> > >> A DC have the need for an internal DNS server, externals only for
> > >> name resolution.
> > >> If DNS is not correct configured it can also slow down the network
> > >> and create
> > >> other strange problems. Even if your bandwith is not that much,
> > >> shouldn't
> > >> be a big problem with correct DNS settings.
> > >> What ip configuration does your clients have, please post an unedited
> > >> ipconfig /all from one of them.
> >
> > >> The LDAP entries in the logfile seems for me to come because your
> > >> server and also the clients, i assume, have DNS configuration
> > >> mismatches.
> >
> > >> Best regards
> >
> > >> Meinolf Weber
> > >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> > >> confers
> > >> no rights.
> > >> ** Please do NOT email, only reply to Newsgroups
> > >> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> >
> > >>>> Hello ki4zji,
> >
> > >>>> What kind of network setup do you have, please describe more
> > >>>> details,
> > >>>> domain
> > >>>> or workgroup? What does have problem, server or client? Please post
> > >>>> an unedited
> > >>>> ipconfig /all form your domai internal server and a client with
> > >>>> problems.
> > >>>> If your LAN internal machines use the ISP's server this is a bad
> > >>>> configuration.
> > >>>> But to help you, we need some more info about your network.
> > >>>> Best regards
> > >>>> Meinolf Weber
> > >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> > >>>> and
> > >>>> confers
> > >>>> no rights.
> > >>>> ** Please do NOT email, only reply to Newsgroups
> > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> > >>>>> Here's the problem...
> >
> > >>>>> One of our installations is having what appears to be intermittent
> > >>>>> problems with internet surfing download speeds. We have replaced
> > >>>>> the
> > >>>>> DSL modem and thoroughly tested all the associated LAN hardware.
> > >>>>> The
> > >>>>> DSL provider has now responded saying:
> > >>>>> "I have taken a further look and it seems that your server (LAN
> > >>>>> IP:
> > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries
> > >>>>> to
> > >>>>> verify certain information before allowing your PC to bring up
> > >>>>> that
> > >>>>> webpage. This LDAP in your server is not recognizing certain pages
> > >>>>> correctly. I would suggest the following:"
> > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however
> > >>>>> I
> > >>>>> fail to see how LDAP can interfere with web surfing.
> > >>>>> Essentially, this server is isolated (through a NAT router with
> > >>>>> all
> > >>>>> incoming ports closed) from the internet and there is very little
> > >>>>> risk of a malware infection.
> > >>>>> The clients on the network are using x.x.x.2 as their DNS server.
> >
> > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
> > >>>>> the clients to see a slowdown in browsing?
> >
> > >>> On Sep 29, 3:52 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> >
> > >>>> Hello ki4zji,
> >
> > >>>> What kind of network setup do you have, please describe more
> > >>>> details,
> > >>>> domain
> > >>>> or workgroup? What does have problem, server or client? Please post
> > >>>> an unedited
> > >>>> ipconfig /all form your domai internal server and a client with
> > >>>> problems.
> > >>>> If your LAN internal machines use the ISP's server this is a bad
> > >>>> configuration.
> > >>>> But to help you, we need some more info about your network.
> > >>>> Best regards
> > >>>> Meinolf Weber
> > >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> > >>>> and
> > >>>> confers
> > >>>> no rights.
> > >>>> ** Please do NOT email, only reply to Newsgroups
> > >>>> ** HELP us help YOU!!!http://www.blakjak.demon.co.uk/mul_crss.htm
> > >>>>> Here's the problem...
> >
> > >>>>> One of our installations is having what appears to be intermittent
> > >>>>> problems with internet surfing download speeds. We have replaced
> > >>>>> the
> > >>>>> DSL modem and thoroughly tested all the associated LAN hardware.
> > >>>>> The
> > >>>>> DSL provider has now responded saying:
> > >>>>> "I have taken a further look and it seems that your server (LAN
> > >>>>> IP:
> > >>>>> 192.168.0.2) seems to be using something called "LDAP" which tries
> > >>>>> to
> > >>>>> verify certain information before allowing your PC to bring up
> > >>>>> that
> > >>>>> webpage. This LDAP in your server is not recognizing certain pages
> > >>>>> correctly. I would suggest the following:"
> > >>>>> The address x.x.x.2 is, in fact, our windows 2003 server, however
> > >>>>> I
> > >>>>> fail to see how LDAP can interfere with web surfing.
> > >>>>> Essentially, this server is isolated (through a NAT router with
> > >>>>> all
> > >>>>> incoming ports closed) from the internet and there is very little
> > >>>>> risk of a malware infection.
> > >>>>> The clients on the network are using x.x.x.2 as their DNS server.
> >
> > >>>>> Is there any way LDAP on the x.x.x.2 Windows 2003 Server can cause
> > >>>>> the clients to see a slowdown in browsing?
> >
> > >>> Windows IP Configuration
> >
> > >>> Host Name . . . . . . . . . . . . : PMCC-S01
> > >>> Primary Dns Suffix . . . . . . . : pettymachine.local
> > >>> Node Type . . . . . . . . . . . . : Hybrid
> > >>> IP Routing Enabled. . . . . . . . : No
> > >>> WINS Proxy Enabled. . . . . . . . : No
> > >>> DNS Suffix Search List. . . . . . : pettymachine.local
> > >>> Ethernet adapter Hamachi:
> > >>> Connection-specific DNS Suffix . :
> > >>> Description . . . . . . . . . . . : Hamachi Network Interface
> > >>> Physical Address. . . . . . . . . : 7A-79-05-2A-F8-95
> > >>> DHCP Enabled. . . . . . . . . . . : Yes
> > >>> Autoconfiguration Enabled . . . . : No
> > >>> IP Address. . . . . . . . . . . . : 5.42.248.149
> > >>> Subnet Mask . . . . . . . . . . . : 255.0.0.0
> > >>> Default Gateway . . . . . . . . . :
> > >>> DHCP Server . . . . . . . . . . . : 5.0.0.1
> > >>> Lease Obtained. . . . . . . . . . : Monday, September 29, 2008
> > >>> 4:00:10 PM
> > >>> Lease Expires . . . . . . . . . . : Tuesday, September 29, 2009
> > >>> 4:00:10 PM
> > >>> Ethernet adapter Server Local Area Connection:
> > >>> Connection-specific DNS Suffix . :
> > >>> Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit
> > >>> Ethernet
> > >>> Physical Address. . . . . . . . . : 00-19-B9-FE-F7-F8
> > >>> DHCP Enabled. . . . . . . . . . . : No
> > >>> IP Address. . . . . . . . . . . . : 192.168.0.2
> > >>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > >>> Default Gateway . . . . . . . . . : 192.168.0.1
> > >>> DNS Servers . . . . . . . . . . . : 192.168.0.2
> > >>> Primary WINS Server . . . . . . . : 192.168.2.107
> > >>> DNS is configured on this server and is pointing to 208.67.222.222 /
> > >>> 208.67.220.220 / 192.168.0.2 as name servers.
> > >>> This is from a windows 2003 PDC. There are four PC's connected to
> > >>> this server which are members of the domain and three PC's which
> > >>> look to this server for DNS resolution only. As you can see, we are
> > >>> using OPEN DNS instead of our ISP's name server. The problem here
> > >>> appears to be in bandwidth (slow surfing). While promising a
> > >>> 3.0/384 connection, DSL Reports' speed tests indicate a 561k / 306k
> > >>> connection. If DNS were not correct, we would see DNS errors, not a
> > >>> decrease in available bandwidth, correct?
> >
> > >>> The problem occurs anywhere on the network and appears to be random.
> > >>> I did not capture information from a client machine as the problem
> > >>> is on both client and server.
> >
> > >>> The ISP is making two claims:
> > >>> 1) there is some failure in LDAP causing the problem. I don't know,
> > >>> hence me asking the question.
> > >>> 2) someone is downloading music from the server (.0.2). I am the
> > >>> only
> > >>> one with access to the server, and I do not believe there to be any
> > >>> malware on the server. Further, during one of the slowdowns, I ran
> > >>> a
> > >>> netstat. There were only two connections to the internet and both
> > >>> were related to 'LOGMEIN.COM', the tool I use for remote support.
> > >>> This would never account for 2.5M of bandwidth.
> > >>> Thanks
> > >>> Randy
> > > the 5. address is a hamachi vpn address. It is only active
> > > occasionally for support purposes. During this particular problem, it
> > > is not active.
> >
> > > here is an IPCONFIG /ALL from one of the client PC's: Windows 2000 IP
> > > Configuration
> >
> > > Host Name . . . . . . . . . . . . : LINDA
> > > Primary DNS Suffix . . . . . . . :
> > > Node Type . . . . . . . . . . . . : Hybrid
> > > IP Routing Enabled. . . . . . . . : No
> > > WINS Proxy Enabled. . . . . . . . : No
> > > Ethernet adapter Local Area Connection:
> >
> > > Connection-specific DNS Suffix . :
> > > Description . . . . . . . . . . . : Intel(R) PRO/100 Network
> > > Connection
> > > Physical Address. . . . . . . . . : 00-07-E9-A6-6E-2B
> > > DHCP Enabled. . . . . . . . . . . : No
> > > IP Address. . . . . . . . . . . . : 192.168.0.25
> > > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > > Default Gateway . . . . . . . . . : 192.168.0.1
> > > DNS Servers . . . . . . . . . . . : 192.168.0.2
> > > Primary WINS Server . . . . . . . : 192.168.0.1
> > > The addresses for the OPEN DNS servers are entered in accordance with
> > > the instructions at:
> > >https://www.opendns.com/smb/start/device/windows-server-2003.
> > > In other words, these servers are included as 'FORWARDERS'.
> > > Also, this configuration has worked for some time and has only failed
> > > recently. My suspicion is that there is some failure on the ISP's end
> > > and they do not want to admit it. However, I just want to make sure
> > > that LDAP cannot cause such a slowdown.
>
> my apologies ... x.x.x.2 is not included in the forwarders tab.
>
>
 
Back
Top