Slow network when chaning default gateway from AD server to Internet router

shogyn

OSNN Newbie
Joined
5 Jun 2007
Messages
3
Hi!
We just received a new internet connection at our office (in northeastern Cambodia). The connection is working, but we have trouble with getting the clients on the network to access the connection.

The problem is the following: We have a Windows 2000 server with Active Directory, DHCP server, DNS server, etc.

When we got the new Internet connection we connected it to a router on the network. After doing that no one could still access the internet. In order for the clients to access the connection, we switched the DHCP server from the server to the router to see if it solved the problem. In one way it did, everyone could now access the Internet. But instead we got big problems with our domain. It took forever to login and communications with the server was very slow.

There are 2 possible problems as I see it:
1. Between the server and the main switch, we have a 1000 Mbps connection. When using the router as gateway, maybe all traffic goes through the router and then to the server, creating a bottle neck at the router, which is only 100 Mbps. But it feels like the speed should be enough anyway.

2. The domain controller wants to be primary default gateway and cannot function properly unless it is the default gateway.

The solution that comes to my mind is that all clients should go to the server first. If the address or name is not found there, the server should redirect them to the router and internet DNS servers. The problem is that I don’t know how to implement this.

Any help or small ideas would be appreciated!

Regards, Jeremia
 

fitz

Woah.. I'm still here?
Political Access
Joined
26 Apr 2004
Messages
4,084
!!! please don't tell me you are putting your network directly on the internet..

Chances are you are using an internal/non-routable/RFC addresses for your internal network handed out by your internal/AD DHCP server (usually a 192.168.x.x or a 10.x.x.x address range). These IP addresses are non-routable on the internet .. meaning, they don't work when connecting to the internet.

Couple things:
1) Get a firewall.. something/anything! between your network and the Internet connection
2) Is your servers and desktop/laptop's on the same IP subnet? for starters..
3) Set the default route in your DHCP scope on your active directory server correctly
4) Set your routers to correct route traffic to the correct subnet (if the servers/firewall is on a different subnet)
5) Get a good book (or other resource) on IP Networking :)
 

shogyn

OSNN Newbie
Joined
5 Jun 2007
Messages
3
Hi!
Yes we use internal addresses for our internal network (192.168.2.x) handed out from the DHCP server located on the windows 2000 server.

1. The router has a built in firewall. As do the server and all clients.
2. I do not know what a subnet is. They are in the same IP range from the DHCP server. I don't know if that is an answer to your question.
3. By default route I guess you mean default "router". So far when I have set it to the server, the clients have not been able to access the internet.
4. Subnets?
5. Thanks! :)

I think I know what the problem is now. I think I tried the right configuration, but forgot to clear the IP leases from the DHCP server and renew the client's IP addresses. I think the right configuration would be the following:

Default gateway/router: The router
DNS server 1: The internal DNS server
DNS server 2 & 3: The ISP's DNS servers

I will get back tomorrow (The clock is 9:30 pm here) when I have tried the settings at work. Thank you very much for you time and will to help me! It is very much appreciated!

Best regards, Jeremia

Ps. I would read many books if I had time. But I don't. I have to learn maybe 5 new subjects each week in order to deal with the tasks I have at hand. And then teach as much as possible to the locally employed IT responsible who only have a finished Cambodian high school education, no IT education. Until just recently I had to do this with an unstable 33.6 kbps dial-up connection. But we finally managed to get an ISP to think it would be interesting to provide "high speed" internet connection. So we now have a 128 kbps connection which we pay $200 per month for. I also do not get any salary for doing all this.
 

shogyn

OSNN Newbie
Joined
5 Jun 2007
Messages
3
Correction: The server and clients does of course not have "built in" firewalls, but installed firewall software.
 

Members online

No members online now.

Latest profile posts

Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
Terrahertz wrote on Electronic Punk's profile.
Yo fellas!
Electronic Punk wrote on Sazar's profile.
Where are you buddy?
Perris Calderon wrote on Electronic Punk's profile.
Hey EP! All good with me, applying for Microsoft MVP right now, should have done this a while ago.

Notifications don't work, I only found your response by coming back to hunt up some threads, if you want, give me your email address so we can keep in touch easier!
Perris Calderon wrote on Electronic Punk's profile.
EP, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there!

Forum statistics

Threads
61,997
Messages
673,411
Members
5,591
Latest member
nodee