Can an ethernet cable cause issues with a switch?

Big Jim

Customer called me on Friday; they had no internet on any computer and they were reporting either no network cable or IP issues. I did some basic troubleshooting on the phone but ended up on site.
The setup is as follows:

Dell server with Windows 2012 server essentials handling AD and DNS
BT router handling DHCP
HPE JG708B 24 port GB switch with everything connected directly (new in 14/11/19)

When I arrived on site I logged into the server physically and it had domain network, I ran a speedtest and it had internet also, but the computers didn't.

I found a network cable to one of the machines trapped in a drawer. I unplugged this and rebooted the switch and everything sprung back into life.
Fine, I thought, bad cable. I tested the cable and it was working fine, so I plugged it back into the machine it was originally plugged into and everything was working again. I would have replaced the cable there and then but I didn't have one long enough and neither did they. Not a huge issue: the office is being completely rewired next Saturday and I am due on site the following Monday to terminate and test the new network ports. I will supply all new patch cables at the same time.

They don't normally work weekends in the office, but the owner was in there just checking on things on Sunday and they had the same issue again. He tried various things on the phone to me, he tried unplugging "the cable" and various other bits, then restarted the switch again and I think that was what fixed it again. He rebooted a machine after the switch reboot and the domain network came back up straight away.

So my question (I think) is: can a faulty cable cause a switch to stop functioning correctly?
Also, do the switch ports work in blocks, so if there is a problem with the first "block" of ports the rest of the ports work fine?
Otherwise I guess the switch could just be faulty, although it's not very old.
Bearing in mind that the cable was connected to my tester and twisted around quite a lot at the point it had been trapped in the drawer, and it didn't show a short once on the tester.

I didn't do much testing of cables etc. whilst I was there because it is a complete rat's nest of cables and extremely dusty due to the nature of the business. Given that it's having a rewire on Saturday I didn't think it was worth wasting too much time on.
 
ISP gateway doing DHCP for an active directory network? Yuck! Bet there's some much deeper issues there to discover regarding active directory.

If in doubt with a patch cable, replace it, they're cheap enough, not worth 2 minutes trying to study it.

I have seen switches have a section that's bad.

Hard to say what the cause was, since a cable and a switch were touched. If it's a managed switch, look at logs. Could have been loopback/stp.
 
Unmanaged switch, they only have 5 PCs so not a heavy use.
I can easily set the server up to handle DHCP but I don't think it needs to.

With regards to AD, anything I should be looking for in particular?
There has been an odd issue in the past with a machine losing the connection to AD and I had to re-add it, but I think that was caused by a faulty SSD in the machine itself.
Or a random power cut; the server is on a UPS, but the workstations aren't, although I am in discussions with the owner about that as well.
There was also an odd issue with permissions on one particular user's folders on the server. I never did figure out what caused it, but it could be due to the fact that 2 people share the same logon because person B likes the way that Person A has everything on their profile, rather than using good practice and sharing files over the network. I can't argue with this one, person B is the owner's daughter/office manager. I was asked on my very first visit to set everyone up with their own profile and she still continued to use her dad's logon and has since migrated to another user's profile when that person was furloughed.
They don't share files across the network (although various shares are setup) but they do have folder redirect so that all user docs are stored on the server.
And they use Sage which is hosted on the server and the data file is also stored there.

Email is O365 exchange, any other software (that I am aware of) runs locally per machine.
 
When you have active directory, clients need to register with the server each time they boot up, log in etc.
Workstations MUST only use the IP of the DNS server(s) as their DNS server(s). Not the router's LAN IP, not the ISP's DNS servers, not other external DNS servers.
ISP gateways either give out their LAN IP as the DNS server, or the ISP's public DNS servers.

Yes you can reconfigure them to give out a custom DNS server like the DC...BUT...there are other details which aren't handled properly if it's not the DC doing DHCP. Using the server as the DHCP resource keeps active directory tighter.

Most people never notice because things "appear to work OK". But if you crack open event viewer on the server and on workstations...you can start digging into errors. And you'll have higher percentages of workstations losing their computer account in active directory.

Active Directory is built on top of DNS, DNS is the foundation, can't have a good building without a good foundation!
 
Good to know thanks.

I'll reconfigure server when I am there tomorrow.
BT Hub/router is definitely set up to use the server as the DNS. They are in a rural area and were using a wireless based internet for a while until BT piped FTTP to them. When they switched to BT, the BT guy just connected the hub up in place of the existing one with no thought to network config etc. and no one bothered to call me, so for around 4 - 8 months they were running like this and then AD decided to crap itself and I had to go clean up and configure the BT hub to use the server for DNS and explain to them NEVER to reset the BT hub without calling me first.


They have just called me with the same issue again by the way, so I have had to talk them through connecting the ethernet cables from a single PC and the server directly into the router to give them one working PC until I can get to them tomorrow morning, so it looks like a bad switch.
They use IP phones but they are set up to fall back onto wifi (same network) if the ethernet has no internet, so they can limp by until tomorrow.

I thought the HPE switches were meant to be reliable, it's only 18 months old. :/
 
I'd have to second what @YeOldeStonecat says about DHCP. I've had some horrible problems arise when Windows isn't allowed to do its stuff. Admittedly, I can't see quite how this would produce your particular problem but nevertheless, as a 'best-practice' option - would definitely recommend you let the server look after all these issues. Just occurs to me: Have you checked that the server isn't also trying to dish out DHCP leases, as well as the router? Mostly, they are set up with this role. That would give you a whole heap of internet access problems.
 
Windows DHCP Server service will automatically quit as soon as it detects another DHCP server instance on the same network. (except for an intentional cluster service you configure with other DCs)
 
This is 2012 they're using. I don't doubt what you say, but I thought I recalled having some issues with this same problem myself on a 2012 rig. Mind you - was some time ago and my memory is not what it was :)
 
DHCP is not configured on the server.
This was a client who was initially set up by another IT guy (whose wife/GF happened to work there), then she left and they couldn't get hold of him any more. That's when I took over. I tried not to mess with what he had set up too much as it's working.


Update on this situation anyway: I have an old Netgear 10/100/1000 switch I have taken up this morning and connected up and everything is working again. Hopefully that solves the problem, then I can just replace it with a new one on Monday when I am due back on site.
 
Windows Server has always disabled its DHCP Server service when it detects a rogue DHCP service on the network...it's been that way since, oh...at least Server 2000, if not NT 4.0
There is a registry modification you can run to halt that behavior.
 
How do you feel about giving out an external DNS like 8.8.8.8 as the SECONDARY DNS server with the main DNS being set to the server IP i.e. 192.168.0.10?
 
Ah! Never too old to learn - thanks :D
 
I avoid that.
Too many times.....way too many times, I've seen that still cause problems such as failing group policies, and workstations that break their domain computer account (requiring rejoining the domain).

The reason is, workstations query their primary DNS, and if they do not get a response within (x milliseconds...I forget what that small value is), they'll turn and query their secondary DNS.

I'd frequently see this problem on networks with under-spec'd Small Business Servers...el cheapo glorified workstation servers running SATA disks, Small Biz Server not getting rebooted frequently, poorly configured networks with tons of network chatter, so they don't respond to DNS queries fast enough for workstations. Even with servers on decent spec'd hardware...I've seen it enough times.

I understand the IT guy's logic..."If the server is down, I still want workstations to be able to hit the internet".
My answer? "Well, first of all...treat the server as a server...an important computer, no el cheapos, your server should NOT be going down. If you're planning your network design around your server going down....well, I sure don't want to be your client!".

On the (should be VERY rare) case that the server is down, it takes what...a whopping 38 seconds to remote into the edge firewall, flip on DHCP, and let the workstations surf the 'net while you have the client's server on the operating table!"

I'm fast approaching 30 years doing this gig for business clients...the amount of times that I wish I had a DHCP that blasted out a public secondary DNS server is a big fat zero. The amount of times that I shook my head at coming across that setup...because I'm fixing issues that should not have been there and caused lost employee productivity time (rejoining workstations to the domain, wondering why group policies weren't applying or some database connectivity issue)...MANY.
 
You don't do this... ever.

UNLESS, the 2nd DNS server is something like Untangle which has its DNS service specially configured to forward appropriate domain DNS queries to the DC. That way, even when the DC is down Internet still works.

Otherwise... the only DNS server on the LAN is the DC.
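
The DNS and DHCP advice in the replies above (workstations list only the DC as DNS server, and the DC rather than the router hands out leases) can be checked per workstation from `ipconfig /all` output. The following is an added example, not part of the thread: the sample output is constructed, 192.168.0.10 is the example DC address mentioned in the thread, 192.168.0.1 is an assumed router address, and the function names are hypothetical.

```python
import re

# Constructed `ipconfig /all` excerpt; 192.168.0.1 is an assumed router address.
SAMPLE = """\
Ethernet adapter Ethernet:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.21(Preferred)
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       8.8.8.8

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
"""
# "Key . . . : value"; the space before the colon keeps IPv6 values from matching.
FIELD = re.compile(r"^\s+(\S[^:]*?)[ .]* :\s*(.*)$")
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

def parse_ipconfig(text):
    """Return {adapter name: {"dns": [ips], "dhcp_server": ip or None}}."""
    adapters, current, last_key = {}, None, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            entry = {"dns": [], "dhcp_server": None}
            current, last_key = adapters.setdefault(line.rstrip()[:-1], entry), None
            continue
        if current is None or not line.strip():
            continue
        m = FIELD.match(line)
        if m:
            last_key = m.group(1).strip()
        # A line without "key :" is a continuation value for the previous key.
        value = m.group(2).strip() if m else line.strip()
        if last_key == "DNS Servers" and IPV4.match(value):
            current["dns"].append(value)
        elif last_key == "DHCP Server" and m:
            current["dhcp_server"] = value
    return adapters

def audit(text, dc_ips):
    """Flag adapters whose DNS servers or DHCP lease source are not a DC."""
    findings = []
    for name, cfg in parse_ipconfig(text).items():
        findings += [(name, "non-DC DNS server", ip)
                     for ip in cfg["dns"] if ip not in dc_ips]
        if cfg["dhcp_server"] and cfg["dhcp_server"] not in dc_ips:
            findings.append((name, "DHCP lease not from DC", cfg["dhcp_server"]))
    return findings
```

Calling `audit(SAMPLE, {"192.168.0.10"})` reports the 8.8.8.8 secondary and the router-issued lease on the wired adapter; the disconnected Wi-Fi adapter produces no findings.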
 