Internet Access Fails - but everything is working!

[Nav209]

Hi,

I’m looking for some help with network settings. I’ve just started a new job (non-IT!) and we have problems with our office network. I’m the most IT literate in the organisation (15 permanent employees) and so have been dealing with IT issues. Our main bit of software is web-based so we need constant web access but it sometimes goes down for between 20 minutes and 3 hours despite everything seemingly working fine.

It’s a flat network with wireless APs, BT Business Broadband 8Mbit connection and that’s about it. We have no servers and no standard settings and staff are encouraged to bring in their own laptops and connect! The network basically exists to provide internet access and that’s it. We also have students accessing the wireless (and I know there’s a whole list of access and content issues etc but right now we just need internet access stabilised).

This is what we have:

Building 1
Cisco SLM-224P 24-port PoE 10/100 switch with 2 gigabit ports
3 x ZyXEL NWA-3160 wireless APs
Samsung OfficeServ 7100 phone server which borrows the building’s wiring

Building 2
Netgear GS605-UK 5-port 10/100/1000 switch
1 x ZyXEL NWA-3160 wireless AP
1 x BT Business Hub – 2wire BT2700hgv – is the DHCP server

We have 2 link cables between the buildings. One connects the two switches on a gigabit port. The second (oddly) connects the switch in building 2 to the OfficeServ server in building 1.

When the internet goes down I can still access the router through a wireless connection. I can also ping websites and get a response. Firefox just says “Cannot connect” etc. The system then heals itself when it feels like it.

(Sorry if this is asking too much but) These are my immediate questions…

1. Why would browser-based internet go down? I don’t know enough about protocols etc but I can try to standardise settings.

2. The WAPs have a DNS server setting and I don’t know whether it should be “None” or “From DHCP”.

3. What should be the DHCP server? The router or the Cisco switch? Or something else?!

4. Would there be any problem in connecting the second link from switch to switch? Is that good practice?

5. Is it worth swapping the Netgear GS605 with either a Cisco SG200-08 or Netgear GS108T-200?

6. Is it worth upgrading the router to, for instance, a Cisco RV042G Dual Gigabit router which would also act as a switch? Or is it better to have a separate router and switch in Building 2?

Any guidance would be appreciated!

Thanks,

Naveed.

 

[devnull]

What exactly goes down? All PCs fail to connect to internet web sites at the same time?

Can web sites be reached by pinging their URL addresses? (e.g. "ping www.yahoo.com" from command prompt)

During the next outage, take note of the address of the DNS server being used and also the address of the DHCP server ("ipconfig /all"). After that, see if flushing the DNS cache helps ("ipconfig /flushdns").

1) There are several possible causes. If a device on your local network is providing DNS service (most likely the BT2700) for the network and is failing or receiving corrupted results, this would cause issues. Your BT2700's firewall could have a policy set to limit bandwidth or restrict access under certain conditions. Specifically it may be blocking HTTP requests, which would explain why web page access doesn't work but you're able to ping.

2) The Zyxel units probably don't need to have a DNS server configured. Judging from the manual, it won't have any effect on the performance of the PCs on the network.

3) There's no reason for the BT2700 to not be the DHCP server, but make certain that it is the one and only active DHCP server on the network. That Cisco switch doesn't have a DHCP server service built in. As well, it seems that no other device except for the BT2700 has a DHCP server service. It's possible there's some other device on the network with a DHCP server service, even one of the client PCs.

If there is a second DHCP server on the network, occasionally PCs will pick up a configuration from it that points to a DNS server that doesn't exist or not accessible on your network.

4) There is a best practice case for connecting both gigabit lines to the Cisco switch.

By the default settings, if you do connect both gigabit lines to the Cisco, all it will do is disable one of them. It can be configured to keep that port standing by in case the first fails, but I think that's a bit beyond your skill level. It would have to be set up by someone that knows precisely how to configure it, and that is something that I'm not willing to give away freely.

There are several reasons to have the OfficeServ connected to the nearest switch as well. The network interface of the OfficeServ will have been designed for a LAN environment, and not designed to compensate for the unique issues of long ethernet cables. As the gigabit cable degrades, it can accrue interference and electrical resistance issues. The OfficeServ will not be able to detect and compensate for such issues. It's likely that the connection will have intermittent or complete failures even though the link lights are indicating a good connection. The Cisco switch is designed for such things and the gigabit connection will have better performance over it's lifetime while connected to the Cisco.

There are also practical reasons but it's not necessary to go into that now.

5) Probably not. There could only be a minimal performance gain and you don't need the features of a more advanced switch right now. Adding complexity to your network is certainly not something to be considered when it won't solve the problem that is interrupting your business.

6) Upgrading the router at this point probably won't give any benefit. The only case for replacing your current router is if it is broken. It should be able to support much more than 15 simultaneous web users.

 

[Nav209]

Many, many thanks.

Thanks so much for the reply.

I take your points about not upgrading what is not obviously causing difficulties.

I found one of the problems: Users who found they could not get web access were on a 169.xxx.xxx.xxx web address whereas the router is on 192.168.1.254 as ever. This was a common feature for a number of "disabled" PCs. I also noticed that the router was meant to be DHCP assigning addresses from .64 to .250 or so. It said there were 5 addresses left to assign. Assigning static IPs fixed this but they had to match the already assigned IPs in the router for it to be happy.

I found a post about the BT hub and DNS servers so I did some homework and have chosen to manually configure the hub and the APs and all the office PCs with OpenDNS settings, which made things better, briefly.

Next I found a post about the BT-2700 hub. Someone experienced the same issues we do a couple of years back. It turned out to be too many "active internet sessions" (max is 1500 and they had about 15 users too) and they replaced their ADSL router and everything was fine.

I have today installed a Billion BiPAC 7800N and the address assignment is far, far faster and so far (it's only been a couple of working hours) there have been no crashes. Also it's 11.n so coverage in the building will hopefully be better too. I can't say I like the Billion web interface however - very poorly put together.

I also bought the NetGear GS108Tv2 and an 11.n access point attached to the second gigabit port on the big Cisco hub (so the redundant link cable will have to wait) for where the students congregate with their laptops. We will still have to see if that causes the network to fall over.

Tomorrow will be the big one... Seeing if we stay afloat or not!

Thanks for your time and help.

 

[devnull]

For the PCs that you manually configured addresses to, see if you can add DHCP reservations on your router.

A PC with a manual address will not notify the DHCP server. This means that the DHCP server can assign that address to another computer, which will cause a conflict.

If your router doesn't support DHCP reservations, you'll have to manually configure addresses outside of the range that the DHCP server is providing.