Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Experiencing Slow Web Access only on Cold boots 2-3min delay 3

Status
Not open for further replies.
Bullnuts

Bullnuts

MIS
Aug 28, 2002
30
CA
I have two - 2000 SP4 DC’s , Five 2000SP4 Mbrsrvs, 80 XP Sp2 clients 100mb cisco switched network.(portfast on). Only have the 2 default GPO’s, however the previous admin has tweaked them and never backed them up previous. My problem is on cold boot, all pc’s login fine to windows XP SP2, then GPO runs and iexplore.exe launches on startup. Problem is whether the website opening is our internal intranet, Google, yahoo etc. it takes 2-3 minutes “spinning its wheels” before the page opens. This only happens on a cold boot or restart. If I shut down Internet explorer then open it again 5 minutes later, the page is up instantly.

I have referenced the OSI model, and I have good physical network connection, working configured switch ports, DHCP and ADI DNS addressing IP’s, Ping works to all internal host during this cold boot 2-3 minute delay so does (\\servername ip\share). I have tried session layer NetBIOS enabled and disabled (server and workstation), since I use TCP/IP and no WINS and it makes no difference. Layer 6 is the presentation layer where HTTP is usually found and that appears to be my delay point. Since it’s only a delay, and it’s only on cold boot, my best guess is it’s a MS network stack delay, GPO thing or a cisco switch issue.

I have ruled out MS nic stack delay since I can ping remote office and internally after login. I have updated NIC drivers on both ends as well tried static IP’s to rule out DHCP. I have removed the Novell client 4.91 from the client machine (used for couple of Remote drive letters) and still no change. I have tweaked the client side network provider order with no success.

In regards to the GPO, I have tried loading calc.exe in GPO after iexplore, and it appears to work fine, comes up quick(less than 7 seconds after login). I also went as far as to disjoin my test workstation from the domain to a workgroup, delete the workstation account and set a static IP with an ISP DNS entry and the system still took 2-3 minutes to open msn.com or google.ca after logging on to the local machine. So that would rule out GPO completely

Finally I checked and confirmed the Cisco switch ports and “Port Fast” is enabled on all ports. From what I read online some people have had ADS and boot time issues with Cisco switches until they “port fast” them.

I’m looking for some direction at this point…as I have all but exhausted my resources at this point. Only thing I could try next is a complete rebuild of a test workstation and see how it acts as I join it to the domain and install corp software piece by piece.

Has any one ever used Windows 2000 Default Group Policy Restore Tool? Any success or failure stories?

Thank You
 
Sort by date Sort by votes
Just a couple questions to help narrow the things down.

What are you using for antivirus software? Have you tried disabling this to see if it had any effect? Or is there any other software that may be consuming resources at startup?
You could also look at memory/cpu performance during startup by launching a perfmon before iexplore in the GPO (test GPO applied only to a test machine of course) to see if resources are peaking or not.

Have you tried disabling the IE startup in the GPO and adding a program that would consume the same amount of resources as IE (Maybe MS Word or something)? You said you replaced iexplore with calc, but I don't think that'd be a sufficient test due to the resource differences.

Do you get anything in the event log?

-jhaith
 
Upvote 0 Downvote
I'd suspect a startup-scan is running as jhaith alluded to, especially with the fact that it happens every cold-start for about the same amount of time.
 
Upvote 0 Downvote
Thanks for the idea's. Event logs are clean. First thing I will try is having MS Word 2003 load on startup via GPO instead of iexplore and see what happens.
I believe the workstations all have Symantec AV 9 Corp ed. I will unintstall/restart and see if it makes a difference.

I Really appreciate the input!

Best Regards,

 
Upvote 0 Downvote
If you're running Symantec Corp, I'd just go to the console, right click on the client group, go to All Tasks, Synantec Antivirus, Administrator Only Options, and look at the tab labeled "scans". See if there is a startup scan checkbox that is checked here. If there is, that is a likely cause of your problem.
 
Upvote 0 Downvote
I'm still going to point the finger at the "MS NIC stack delay". Just because you can ping does not mean that all other network functionality is there. DNS resolution might not be working correctly, or IE launches before the stack is ready, then the stack is ready but IE has to time out before it retries, etc.

The proper way to test whether it's the delayed start of the networking stack is to enable the "Wait for network" group policy. I'd be willing to bet that this will resolve your issue.
 
Upvote 0 Downvote
Great posts! Lots of ideas!
Well I tried MSword on load(GPO) and it wasn’t so speedy either. WRKSTN perfmon showed system maxed cpu/ram for couple of minutes.

The Vscan has not been configured for central mgmt yet…(next project) So I simply went in and turned off the file system and Email auto protect options and cold booted. Dropped IE load webpage time to 1:40 from 2:30-3 minutes. Not bad.

Took it to the next level and Uninstalled the entire Norton client security and AV suite and shutdown. To my astonishment, IE page loaded after login in 7 Seconds…I retested 3 more times to verify…WOW. Norton is a p*g!!!

Well I still need all PC’s to have AV installed and obviously we have a Corp contract with Norton (changing mfgs is not an option at this time) so after some tweaking/Trial & error I have come up with a realistic solution that balances on security and speed.

Basically I have found that if I stop and set to “disable” the following services, my AV still works and my cold boot times IE page loads are between 12-16 Seconds

Symantec Network Drivers Service
Symantec Network Proxy
Symantec SecurePort

Reason I noticed the client firewall issue was every time the PC cold booted even with the Norton firewall turned off it would still sit at the Norton console “Refreshing” for 1-2 minutes, then pick up the settings of disabled and then the system would spin along to the next task, which was IE.

Thanks again to all for the Posts!
 
Upvote 0 Downvote
Good catch. Just keep in mind that these services are for Norton's firewall/proxy service. When your clients access the web they are actually going through a Norton proxy on their own PC which does antivirus/antimalware/antiphishing filtering before it allows the data to get to the web browser. By disabling those services you will be losing that protection (which I would not recommend).

Now that you know what is causing the issue, can you convince your people to just cope with it as part of the startup process?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
455
gbaughma
gbaughma
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
290
Aquiles Vidal
Aquiles Vidal
DeepuM
  • Locked
  • Question
Web Response returned Web Exception : The underlying connection was closed error | Simphony & QS
Replies
0
Views
192
DeepuM
DeepuM
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
133
hairlessupportmonkey
hairlessupportmonkey
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
151
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top