I'm not sure which forum to put this in because it involves different systems. My problem is that I have a 2008 R2 DC and a 2003 TS. Those servers share a simple Gb switch that then connects to a "smart" 100Mbps switch on another floor. All connections go out through a firewall/gateway. All PCs in the domain are XP except a new laptop that has Win7 64bit. For some reason, the laptop and the 2003 server lose connectivity. There is a shared folder on the 2003 server that the user has a mapped drive (and a shortcut) to. Sometimes the user can connect and open a document, but after about 5 minutes, the connection drops. If I begin a ping from the laptop to the 2003, I can see it simply stop responding after a while. On the 2003 server, I see the same thing. The ping just drops after a while. Today, I pinged the laptop from the server, and the first ping succeeded and the rest failed. ??? The laptop can talk to the 2008 server with no problems. There are other shared folders on that server and the laptop never drops the connection. The laptop always keeps full connectivity to the Internet and other resources. Other XP PCs have no problems staying connected to the 2003 Server. Only this laptop is having issues. So something is wrong in the relationship between only the laptop and the server. Other weird issue: The 2008 server and the 2003 server also lose connectivity to each other in a similar way as the Win7 laptop. I solved this issue by creating a constant ping from the 2008 server to the 2003 server. As long as they are pinging, they keep the connection alive. However, this doesn't work with the laptop. Also, I did an arp -a on the laptop, and noticed once that the MAC for the 2003 server was wrong. It was actually reported as the firewall/gateway. The 2003 does have a public IP, but obviously this isn't used internally. The failing pings and mapped drives were done using the private IP. I've tried many things based on research including changing the Network authentication policy on the laptop. Nothing seems to help. I can sometimes restore the connection by restarting the network services on the laptop or restarting it. But the connection only lasts for maybe 5-10 minutes before it drops again. Also, as far as I know, there are no IP conflicts for the 2003 server, and if there were, I believe other XP PCs would be experiencing the same disconnects. I've never seen anything like this before. Help?

Hello, if ping commands result in some replies it is often the physical layer on the network, NICs, switches, cabling and NIC drivers. So start here first to make sure all is fine. If this is not a problem let's go on with DNS, please post an unedited ipconfig /all from the DC/DNS server, the TS and the Windows 7 machine so we can verify some settings.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Here is the ipconfig /all for the DC/DNS: Windows IP Configuration Host Name . . . . . . . . . . . . : SERVER-DC1 Primary Dns Suffix . . . . . . . : stone.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : stone.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet Physical Address. . . . . . . . . : 1C-C1-DE-6E-6D-A5 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.250(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.250 192.168.0.254 8.8.8.8 8.8.4.4 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet Physical Address. . . . . . . . . : 1C-C1-DE-6E-6D-A4 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{B14CEF4B-6D96-4572-8D19-8E67DE479C7A}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter isatap.{31C09652-DD3D-4109-B2A9-1685FC0F4125}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2 Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Here is the ipconfig /all for the TS: Windows IP Configuration Host Name . . . . . . . . . . . . : appserver Primary Dns Suffix . . . . . . . : stone.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : stone.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) Physical Address. . . . . . . . . : 00-18-8B-3D-32-58 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.1.249 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.250 192.168.0.254 8.8.8.8 These servers were taken off of the intermediate switch and plugged directly into wall jacks, and the problem still occurrs. The connection drops randomly between these servers.

have you tried upgrading the NIC drivers on the servers ?http://www.virmansec.com/blogs/skhairuddin

Hello, remove the public DNS servers 8.8.8.8 and 8.8.4.4 from the NIC of the domain machines. Configure them as Forwarders on the DNS server properties in the DNS management console instead. After the change run ipconfig /flushdns and ipconfig /registerdns and restart the netlong service on DCs and reboot TS/workstations. What is 192.168.0.254 for a machine, domain DNS server? It is not the DC nor another machine you menitoned here.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

I haven't updated the NIC drivers. I suppose I can do this on both servers, though the TS seems to be the troublemaker. Meinolf, I can make that DNS change. Is there any harm in having 8.8.8.8 in the DNS servers list? I understand it is probably not necessary. The server 192.168.0.254 is the other DC/DNS server across the WAN. I haven't had any problems with it, but it doesn't host files/apps that are needed by appserver (TS).

Hello, the "harm" having public DNS servers on the NIC of domain machines is your result with the existing problems of losing connectivity. REMOVE them and use FOrwarders oinstead as mentioned.Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Hi JayIT8 Meinolf is correct. you should create forwarders on your internal DNS server or servers and all member servers and clients should point to your internal DNS server.Normally for many organisations it should be DC with DNS on it. if you are pointing to external DNS it will create problems. I was wondering where is Ipconfig/all for Win 7 x64 bit client? as this is the only client which got a problem!!! I will also suggest you to compare DNS settings of 2003 and 2008 server with other servers in your organisation..

All, rahulnz, I left that off because the person is offsite with their laptop. But the issue is exactly the same between the servers, so I figured if I solved one side, I would solve both. I made the changes in DNS and updated the NIC driver on the 2003 TS. I ran flush/register on the DCs and restarted netlogon service. I also stopped the constant ping between SERVER-DC1 and APPSERVER. For some reason the problem does not occur as often as long as a ping is started on server-dc1 and continues to ping appserver. Then I restarted the TS (appserver). When the server came back, APPSERVER was not able to ping server-dc1. This is the problem I am facing. I had to connect to server-dc2 and then remote to server-dc1 from there. When I ran arp -a from server-dc1, this is what I got: Interface: 192.168.1.250 --- 0xb Internet Address Physical Address Type 192.168.1.1 00-0b-be-d3-7c-4e dynamic 192.168.1.90 00-13-72-0e-c3-fd dynamic 192.168.1.91 00-13-72-27-0f-e8 dynamic 192.168.1.92 00-1e-c9-3a-13-49 dynamic 192.168.1.93 00-16-76-cc-c5-e9 dynamic 192.168.1.94 00-1a-a0-2c-a0-28 dynamic 192.168.1.95 00-1e-c9-3a-1d-6a dynamic 192.168.1.96 00-1e-c9-39-db-fe dynamic 192.168.1.98 00-1e-c9-39-dc-aa dynamic 192.168.1.99 00-0b-4f-26-62-61 dynamic 192.168.1.100 00-16-76-ad-d9-fc dynamic 192.168.1.101 00-13-72-0f-c0-3f dynamic 192.168.1.102 00-1e-c9-39-fb-a6 dynamic 192.168.1.103 00-13-72-0e-c1-32 dynamic 192.168.1.104 00-25-86-cb-36-87 dynamic 192.168.1.106 00-1b-24-bf-64-5d dynamic 192.168.1.107 54-42-49-f2-80-a8 dynamic 192.168.1.109 00-1b-24-bf-64-5d dynamic 192.168.1.110 00-1e-c9-39-dc-e0 dynamic 192.168.1.111 00-16-32-96-48-8d dynamic 192.168.1.112 00-1b-24-bf-64-5d dynamic 192.168.1.113 00-1b-24-bf-64-5d dynamic 192.168.1.114 00-1a-a0-5e-a3-ce dynamic 192.168.1.115 00-1e-c9-3a-13-a4 dynamic 192.168.1.117 00-1b-24-bf-64-5d dynamic 192.168.1.118 54-42-49-f2-80-a8 dynamic 192.168.1.119 00-1b-24-bf-64-5d dynamic 192.168.1.120 54-42-49-f2-80-a8 dynamic 192.168.1.121 00-1b-24-bf-64-5d dynamic 192.168.1.123 54-42-49-f2-80-a8 dynamic 192.168.1.126 00-1e-c9-39-dc-5c dynamic 192.168.1.244 00-00-74-b4-f5-7d dynamic 192.168.1.249 00-0b-be-d3-7c-4e dynamic 192.168.1.255 ff-ff-ff-ff-ff-ff static 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static 239.255.255.250 01-00-5e-7f-ff-fa static Notice what I put in bold. The MAC address for APPSERVER is incorrect if you check the ipconfig /all from above, you'll see the MAC should be 00-18-8B-3D-32-58 ... Also notice that this is the same MAC as the Gateway (192.168.1.1) which is the first IP in the list. Now why would this be happening? If I run arp -d * and clear the list, 192.168.1.249 is re-added with the same MAC.

I should also mention that to fix this problem, sometimes a person at that location pulls the CAT5s out of the intermediate NetGear switch, counts to 5, and plugs them back in. Sometimes a reboot helps too. But not always. This time a started a ping from SERVER-DC1 and rebooted APPSERVER again. As soon as it came up, the ping succeeded and the arp -a now shows the correct MAC. If I run arp -d * and clear the table on SERVER-DC1 I immediately lose connection. So it appears that whenever the arp entry times out, the connection drops. Another arp -a shows the MAC has changed back to the same as the Gateway. Now if I run arp -d * on APPSERVER, the connection is again restored to SERVER-DC1. If I haven't mentioned this yet, APPSERVER was moved from across the WAN on a 192.168.0.0 network to the 192.168.1.0 network. Maybe server-dc1 still thinks it is on the other network?

Hello, make sure all DNS forward/reverse lookup zone entries form the old ip address are cleaned. Please post again an unedited ipconfig /all from the servers here. Additional run up to date AV software on the machines as an arp -a should not provide 2 ip addresses for one MAC as it is shown in yours. Here are just 2 of moreexamples: 192.168.1.112 00-1b-24-bf-64-5d dynamic 192.168.1.113 00-1b-24-bf-64-5d dynamicBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Sorry for intruding here, but about 2 days ago one of our clients started to have similar problems, which seem to have started since our 2003 DC was restarted after installing updates. We have one Win7 and 2 2008R2 machines that loose connectivity to that DC about twice a day. A arp -d <IP of Win7/2008R2 machine> solves the problem for the next few hours. On the DC we see a similar picture, although our problem rather consists of 2 MAC addresses being cached with the same IP-address. Before delving into details here, I wanted to know, how AV software could be capable of confusing arp as seen above? I haven't found anything yet, but are you aware of a recent update for Server 2003 that might have provoked such behaviour? Thanks for any clues about what might be happening here... Thomas