[SOLVED] Internet slow when connected to domain

[ck1402]

Hey everyone!
Below i am outlining the environment.
1 Host Server
4VMs
one of the VMs is Server 2012 R2 and it handles the DNS, DHCP, AD DS (etc)
Client stations are about 50+ mixed between XP (i know i know) Windows 7, Windows 8

Networking is Cat6
Three Switches
2 Dell Powerconnect 2848
1 Netgear GS-752TP (they had 3 powerconnect and one recently decided to die)
Firewall
Sonic Wall NSA220

The issue i am having is in particular to two different sites Mcmaster.com and Unline.com
However it occurs with almost any database driven search. When they navigate to these sites the load time is extremely slow. However when i disconnect from the network they pop up quickly.

My client said they had this issue in the beginning when they first moved to this location. However they never told me what the resolution was for it. I took over the IT management about 8 months ago.

I have migrated their AD, DHCP, and DNS from server 2003 to Sever 2012 R2 that was about two months ago. It seems this started to happen roughly a few weeks ago. It's not just one system, its all the systems overall.

I recently configured the forwarders in the DNS with the isps and googles 8.8.8.8 hoping that might have been an issue and the sonicwall being overloaded.

There's no paid services that are active in the sonicwall

I manage them using LogicNow and the environment is mixed with the Vipre and slowly converting over to Bitdefender.

There is web filtering that is active. However the ones who do these searches the most do not have the web filtering active. This business is basically two business mixed in one, half of them have the filtering the other half doesn't.

I am not sure if anyone else has has this issue before and any information would be great. Please if you need more information ask and i will be gladly to let you know.

Thanks!
Chris

 

[putz]

When you say you disconnect from the network what do you mean by that? Are you switching to some completely different internet service all together that bypasses the entire network? Have you tried connecting a laptop directly to the ISP modem to see if it is somehow related to the internet service/connection? That's where I would start.

If things work with a direct connection to the ISP device then from there just start peeling back the layers and removing components 1 by 1 until you find the culprit. Double check Firewall settings, ACL's, QoS and any bandwidth throttling settings, DNS settings on the firewall, disable or bypass any in place web filtering or web proxies that your endpoints are pointed to or that are connected to upstream (transparent-style), etc...

If you weren't using DNS forwarders before and were using root hints... make sure you have cleared the DNS cache on the server after you have configured the forwarders and flush the dns cache on the client. Or, try statically assigning the endpoint a different DNS server (other than internal servers) something like googles public DNS to rule out an internal DNS issue. I have seen slow browsing issues with domain DNS servers that just use root hints instead of DNS forwarders.... im not sure exactly why, I presume it might be a stale cache thing.. I know best practices are to use root hints but I'll typically use forwarders and use root hints as a fall back if the forwarders are unavailable.

Good luck!

 

[ck1402]

Thanks for the reply,
When i say disconnect i mean disconnecting it from the domain.
The sonic wall is not handling any DNS, DHCP, or web filtering all of those functions have been disabled.

I am going to double check the ACL's, QoS, and bandwith settings. I am thinking it might have something to do with the proxies. However the issue that they are having only recently started, and i have not made any changes to the SonicWall.

When i was troubleshooting the switch that was replaced, i initially thought it was a DNS issue on the server since i was getting a DNS error. I removed the DNS and added back in with the same settings. The issue ended up being the PowerConnect switch die and i had to replace that. After i had done that there were some network connectivity issues for about a day. I will look on the switch to see if there is a QoS running on it that might be chomping down the bandwidth.

I never flushed the DNS cache after i added the forwarders in. I will also manually change one of the work stations to see if it is an internal issue as well. I'll let you know the results.

 

[ck1402]

Update - -
I changed one of the stations to static dns and flushed the dns it didn't help any.
I did clear the cache for the DNS server as well.
So i do not think it is a DNS issue persay.
The only thing i could think of being issues are
1. The new switch i put in
2. The SonicWall
3. The Modem
SonicWall and Modem i say because they got unplugged when the switch was replaced so it might have reset some of the settings.
When i checked on the sonicwall everything looked as it should.

I have not been able to be physically onsite so when i do i am going to connect to the modem to see if there is a issue in bringing up the webpage, then the sonicwall, then the switch.

 

[ck1402]

Solved the issue.
It was on the Sonicwall
Content filtering was set to via user and zone screens
Switched it to Via App Rules
Must have happened when it was unplugged at somepoint