There’s a lot of things that go on under the covers of a domain joined computer that you just don’t realise most of the time. One of the recent things I was involved in today was the investigation of a client network that had slow internet. Here’s how the problem was investigated.
- From the users desktop – see exactly how the problem manifests itself. For example, if it’s surfing to certain sites, note down exactly what sites the problem occurs with and what pages. You need to do this so you’ve got a very clear understanding of the issue before you start to investigate. Always do your tests from a clean reboot with no other programs open – that way you get more consistent results.
- Now run an Internet Speed test – I use www.speedtest.net for the most part is it gives some reasonably consistent results all round. Note the results.
- Once you’ve got your baseline for the problem – look at the basics. DNS is one of the most common things – so check to see if DNS name resolution is fast or slow. That’s easier said than done, so we’ll cheat for a moment. Change the TCP/IP DNS settings on this machine to point to an external DNS server – say Googles DNS servers 18.104.22.168 but don’t reboot the machine. Do your tests – that you did in Step 1 – is there an improvement? If so all you’ve proved at this point is that the DNS server that this machine was pointing to is not responding fast enough or not responding at all. If there is an improvement DO NOT leave the DNS pointing to the external DNS server. That’s going to then break your computers membership of the Active Directory domain over time.
- Given you found that changing the client computers DNS to point to the ISP or Google fixed it, you need to focus on the DNS server on that the client was pointing to originally – most likely it’s your domain controller in a small business or small business server environment. Check to see that the DNS server service is running correctly. Review the configuration of the DNS server itself. The DNS server itself will have one of three ways to resolve DNS records for any client requesting DNS resolution.
- Method one of DNS is via direct lookup in the DNS zones stored on the DNS server itself. This is typically limited to the internal AD zones that have been built as part of AD, but it might also extend to any other zones that have been created in the DNS Server itself.
- Method two of DNS resolution is where the DNS server will forward all requests it can’t answer itself to a 2nd DNS server. This is known as DNS forwarding and you can see this on the DNS forwarders tab of the DNS servers properties in the DNS MMC. If there is a server listed there, then you need to consider if that server is working correctly. The easiest way to do this is to remove it and substitute a known good server as we did before – why not use the ISP’s DNS or the Google DNS server 22.214.171.124. If that works then you’ve nailed the problem to being linked to that server.
- Method three of DNS resolution is where any of the above fail, there is the option (depending on the DNS servers configuration) for the DNS server to use Root Hints. Root Hints is a list of DNS servers that are the root of the Internets DNS fabric. This list is stored on the DNS server and you can see it on the Root Hints tab. Make sure that it’s populated of course as I have seen it be empty before which means nothing works at all.
Ok – hope that’s been helpful to you – let me know if there are more things like this that can help you investigate and troubleshoot better.