Network slow after removing old DC 7

[M3Fan]

I have a small business network with about 65 users and 6 servers. All of our current servers are W2k3 boxes and one of those boxes is our new DC. Our previous DC was a W2K box. For a while, they were both DCs in parallel. I transferred the FSMO roles to the new DC using the command line utility and then used DCPromo to demote the old W2K box. DNS was also set up on the new DC, as well as DHCP. All was well and it seemed that everything had transferred over just fine.

Here's the problem: when I turn off the old W2K DC the network slows down considerably. When I power it back on, the network moves along swimmingly, instantly. What could this be? When I say the network slows down, I mean that mapped drives take 30 seconds to open, RDP client takes 30 seconds to open, Outlook absolutely crawls, IE hangs, etc. on most of my clients. It's a huge, noticeable difference. What remnants of the old server could be out there?

 

[TechyMcSe2k]

Possibly, your clients have not received the new DHCP lease with the proper DNS entries. The clients are probably stil trying to hit the old DC for DNS, and then failing over to their secondary DNS entry....

Just a thought.

 

[M3Fan]

Thanks for the reply- I should mention that DHCP and DNS were moved over long before the FSMO roles and the demotion so the DHCP records have been correct for about a year.

There were, however, 2 DNS records on the new server that pointed to the old server. They were in:

Forward Lookup Zones > Domainname.com >
One record was:
Name: (same as parent folder)
Type: Host(A)
Data: Old server IP

The other record was:

Name: (same as parent folder)
Type: Name Server (NS)
Data: Oldservername.domainname.com

I just deleted those out today but didn't see an instant improvement. Perhaps this was part of the problem?

 

[TechyMcSe2k]

I believe those would be part of the problem. Check your DNS forwarders for your particular domain. Also, if you are using Reverse Lookup Zone, you may need to check in there for lingering records. also check in your _msdcs.domain.*** zone to see if there are records in there as well.

 

[M3Fan]

How do I check the DNS forwarders?

 

[Davetoo]

Third one down:

http://letmegooglethatforyou.com/?q=DNS+Forwarders+Windows+2003

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[M3Fan]

Davetoo- that was funny. Thanks!

 

[M3Fan]

I just realized that DNS is still running on the old DC. Should I uninstall DNS services? Can they be uninstalled?

 

[Davetoo]

Just stop the DNS Server service and see if the problem appears right away. If it does, then that confirms your clients are still getting config info pointing to the wrong server.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[TechyMcSe2k]

That is AWESOME Davetoo! I am sure we will see that link used a lot in this forum.

 

[58sniper]

Davetoo- that was funny. Thanks!

I think it was meant as a hint, not as a joke.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.

http://www.ucblogs.net/blogs/exchange/

 

[cmeagan656]

@Davetoo
Excellent link!

@M3Fan
In addition to the network being slow when the old DC is shut down does it also take the users a long time to log on to the clients? If so, it could be that the clients are manually set to point to the old DC for their DNS and are still pointing to it.

Cheers.

 

[M3Fan]

A little more info on the problem:

If I stop the DNS Server service on the old server, the network speed is unaffected. So I'm guessing it doesn't have to do with DNS.

Once I unplug it, network performance takes a tumble. Cmeagan656, the logon time is a bit longer but not horrible. All the clients are set to DHCP and the DHCP settings point to the new server for everything.

 

[TechyMcSe2k]

What other services are installed on your old DC? It must be doing something on the network that allows peace and harmony....hmmm Do any of your routers have static routes defined to this server...not sure y, but I'll throw this out there. Are you doing any RRAS, Proxy, ISA, IAS for VPN, ....grasping for clues here. Let us know what services you see on that server.

 

[M3Fan]

Here are the services installed on the server. Most are running, some are not. If any of them pique your interest let me know and I'll tell you if they are running or not. This server was the "everything" server for years and years so it has all kinds of artifacts on it.

.NET Runtime Optimization Service v2.0.50727_X86
AdminService for PROGRESS 9.1D
Alerter
Application Management
ASP.NET State Service
Automatic Updates
Background Intelligent Transfer Service
Backup Exec Remote Agent for Windows Systems
ClipBook
COM+ Event System
Computer Browser
DHCP Client
Distributed File System
Distributed Link Tracking Client
Distributed Link Tracking Server
Distributed Transaction Coordinator
DNS Client
DNS Server
DSM SA Connection Service
DSM SA Data Manager
DSM SA Event Manager
DSM SA Shared Services
Event Log
Fax Service
faxinit
File Replication Service
File Server for Macintosh
GFI FAXmaker Fax Server
GFI FAXmaker Message Transfer Agent
HP Web Jetadmin
IIS Admin Service
Indexing Service
Intel Alert Handler
Intel Alert Originator
Intel File Transfer
Intel PDS
Internet Connection Sharing
Intersite Messaging
IPSEC Policy Agent
Kerberos Key Distribution Center
License Logging Service
LiveUpdate
Logical Disk Manager
Logical Disk Manager Administrative Service
Machine Debug Manager
Messenger
Microsoft Exchange Management
mr2kserv
Net Logon
NetMeeting Remote Desktop Sharing
Network Connections
Network DDE
Network DDE DSDM
NT LM Security Support Provider
Performance Logs and Alerts
Plug and Play
Print Server for Macintosh
Print Spooler
ProService for 9.1D
Protected Storage
QoS RSVP
Quark License Administrator Server 3.5
Remote Access Auto Connection Manager
Remote Access Connection Manager
Remote Procedure Call (RPC)
Remote Procedure Call (RPC) Locator
Remote Registry Service
Removable Storage
Reporting Agents
Routing and Remote Access
RunAs Service
SavRoam
Security Accounts Manager
Server
Simple Mail Transport Protocol (SMTP)
Smart Card
Smart Card Helper
SNMP Service
SNMP Trap Service
SPBBCSvc
Symantec AntiVirus
Symantec AntiVirus Definition Watcher
Symantec Event Manager
Symantec Settings Manager
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper Service
Telephony
Telnet
Terminal Services
Uninterruptible Power Supply
Utility Manager
VMware Converter Service
Windows Agent
Windows Agent Watchdog
Windows Installer
Windows Management Instrumentation
Windows Management Instrumentation Driver Extensions
Windows Time
Wireless Configuration
Workstation
World Wide Web Publishing Service
XVGA

 

[M3Fan]

ANOTHER CLUE: I installed a packet sniffer on my client PC. When I do something that typically slows things down to a crawl with the old server off, guess what? I get an outbound request to the old server's IP, for the Netbios service. Any help?

 

[TechyMcSe2k]

Did you make your new DC a Global Catalog?

 

[TechyMcSe2k]

Also, do a net view %logonserver% to see which on is authenticating the computers

 

[M3Fan]

I transferred all FSMO roles to the new server- hopefully that included the GC. The network will run just fine with this server off- it's just really slow.

The Net view command does in fact return the new server name.

 

[TechyMcSe2k]

Check in your Sites and services and click on properties under NTDS Settings for your new server. Verify the Global Catalog is checked