We have a strange problem at one of our clients site. Their network is basically Server 2003/XP. About half a year ago we added 2 Server 2008R2 and one W7 machines. Two weeks ago our server 2003 domain controller starting losing connectivity to exactly those 3 machines. All other machines (2003/XP) could connect fine. The only availabe help seemed to be an arp -d on the 2003 ADC. After that connectivity was back up and working perfectly... for some minutes, then it all starts again. The arp entries were OK though - on both partners. I do suspect some update on the 2003 machine that might have provoked this behaviour and I started rolling back all the updates one at a time - no luck up to now though. Nothing else has changed on those systems - SP1 for the 2008R2 machines had been installed some weeks before and without appearent problems. Has anybody out there ever experienced something like this? I'd be really grateful for any hints. ThomasThomas

Hello, are you aware that on the new OS versions the firewall is enabled by default? http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx Please post an unedited ipconfig /all from the new DC/DNS and also the old ones and a problem machine.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

There is still only one DC - the 2003 machine. Those 2008R2 machines do other tasks in the network and they did them fairly well until something happened - whatever that was. I don't think this is a firewall issue, because the problem goes away when I clear the corresponding entry from the arp cache of the dc. I tried setting the arp cache timeout to 5 seconds now, have to see whether that changes anything... This is the ipconfig of the 2003 DC: Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : BORG Primäres DNS-Suffix . . . . . . . : galaxy.local Knotentyp . . . . . . . . . . . . : Hybrid IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : galaxy.local Ethernet-Adapter Broadcom NetXtreme Gigabit Ethernet Adapter - Onboard - Link A: Verbindungsspezifisches DNS-Suffix: Beschreibung . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet Physikalische Adresse . . . . . . : 00-0D-56-BB-A2-5E DHCP aktiviert . . . . . . . . . : Nein IP-Adresse. . . . . . . . . . . . : 172.30.6.10 Subnetzmaske . . . . . . . . . . : 255.255.255.0 Standardgateway . . . . . . . . . : 172.30.6.1 DNS-Server . . . . . . . . . . . : 172.30.6.10 127.0.0.1 Primärer WINS-Server . . . . . . : 127.0.0.1 and this is one of the 'problem machines' running server 2008R2SP1: C:\Users\t.kirchtag>ipconfig /all Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : HV02 Primäres DNS-Suffix . . . . . . . : galaxy.local Knotentyp . . . . . . . . . . . . : Hybrid IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : galaxy.local Ethernet-Adapter Onboard GBit01: Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : HP NC326i PCIe Dual Port Gigabit Server A dapter Physikalische Adresse . . . . . . : 1C-C1-DE-F0-41-16 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . : fe80::7060:c78c:f4db:488e%11(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 172.30.6.16(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Standardgateway . . . . . . . . . : 172.30.6.1 DHCPv6-IAID . . . . . . . . . . . : 236765662 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-E7-23-77-1C-C1-DE-F0-41-16 DNS-Server . . . . . . . . . . . : 172.30.6.10 172.30.6.1 NetBIOS über TCP/IP . . . . . . . : Aktiviert Tunneladapter isatap.{2023230E-0244-49EC-A7A9-680F33D69740}: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja thanks for your help! Thomas Thomas

Hi Thomas, According to the ipconifg /all results, the Standardgateway is set as 172.30.6.1. Then, please clarify what the IP address 172.30.6.1 refers to. As running the command arp -d is a workaround right now, I would like to suggest you turn off the Routing and Remote Services on the Server 2003 DC, then retry to run arp -d. Besides, please also run the following commands on the DC to troubleshoot the issue: ipconfig /release ipconfig /flushdns ipconfig /renew In addition, please collect the following files for further research: dcdiag /v >c:\dcdiag.txt netdiag /v >c:\netdiag.txt For your convenience, I have created a workspace for you. You can upload the information files to the following link. (Please choose "Send Files to Microsoft") Workspace URL: https://sftus.one.microsoft.com/choosetransfer.aspx?key=c1561e73-99e6-4404-a3af-a3b17c4766aa Password: k9-vl0)]7o8YV Note: Due to differences in text formatting with various email clients, the workspace link above may appear to be broken. Please be sure to include all text between '(' and ')' when typing or copying the workspace link into your browser. Meanwhile, please note that files uploaded for more than 72 hours will be deleted automatically. Please ensure to notify me timely after you have uploaded the files. Thank you for your understanding. Regards, Cecilia Zhou -------------------------------------------------------------------------------- Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hello, please remove the default gateway as DNS server on the NIC, 172.30.6.1. Then run ipconfig /flushdns and ipconfig /registerdns and restart the machine. In a domain use only the domain DNS servers none else on the NIC. If that is for internet access then configure the FORWARDERS on the DNS server properties in the DNS management console. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Hmmm thanks for your tips - alas none of that seemed to help. The additional DNS-Server is a slave with a copy of the master zone files. None of that had changed. My current solution was as simple as ungratifying - I rolled back the last 5 updates, rebooted and the problem was gone. Looks like my initial guess was not that bad. Of course this leaves me with a server that I cannot update - on the other hand we have the upgrade to 2008R2 in our pipeline anyway, so I'll try to make do until then. Again - Thanks for your help! ThomasThomas