tobascofred |
Are ALL PC’s unable to access network resources?
The switch replacement may have been a shot-gun approach, but if all PC’s are loosing access, the switch was a common part, so not a bad start.
There are a number of layers that the problem could be (think OSI). Ensure that at least one computer has ICMP enabled (SP2 firewall by default drops ping requests) - have this PC set on a static IP address so that the next time the freeze occurs, you can see if physical / datalink / network connectivtiy is still there, but possibly higher level functionality is inhibited (prossibly your Novel controller has dropped all users access to shared resources). Hmmm, speaking of static, are your PC’s getting DHCP or are static IPs in place? If DHCP, next freeze, on one affected PC go to a command prompt, issue ipconfig - see if you have a valid IP address for your sub-net (remember - 169.254.X.X addresses are NOT valid). If no valid IP, do ipconfig /renew and see if you get a new lease.
stevesz |
i would take it that you have checked the settings on teh NIC to ensure that is is set to automatic for determining the connection speed. Often times, when that is not set to automatic, but to a specific speed and duplex mode, it may fail. Another thing you can do is to check the boxes to show the connection and when there is no connection. If it shows a connection, but you cannot reach the network or Internet, you may be on your way to resolving the issue.
Since the switch you have, if that was a typo, is a managed switch, you can look into that to see if it thinks it is still connected to the machine(s) in question. If it is not, then you may have a problem with the NIC itself, or the cabling. If you can, run a cable from each of several of the affected machines. If these machines are no longer affected, you’ll need to get someone to recable those runs to the affected machines. If this is not the problem, if you have NIC cards and not built-in NICs, move a few of them to another slot, then replace them is there is still a problem.
If that does not resolve the issue, Move a known good machine or two into the location. If this is the resolution, you are probably looking at bare metal installs with the affected machines. If you stil lhave a problem, I’m out of ideas.
marcola |
Another troubleshooting step to take is to turn off all PC’s on your network. Turn them on one at a time and check connectivity and repeat the process until all PC’s have been booted. You can isoloate a workstation if it is a bad NIC or cable that is causing the problem.
This would not be a suitable step in a larger environment but with only 20 machines on the network it will be a quick step.
A bad NIC can cause lots of problems on your network especially if it’s connection is valid but it is garbling your data packets.
paul144hart |
Are any of the PC’s tied together through passive hubs? You could be having too many errors and the adapters shut down. Looking at the switch and seeing if multiple MAC ID appears on each port will confirm this
Rather than re-boot, script deleting the adapter then starting the device manager search for new hardware (in the gui appears like a play button)
ajay42usa |
Run a packet sniffer like Ethereal from one of the PCs to see what is happening. It could be a broadcast storm, or duplicate IP conflict, etc. Unless you look at the data capture, it is hard to determine the right reason.
Cheers,
Ajay
j88tru |
There are several ways to attack this problem and the other posters all have good ideas. From my networking experience, I would point out the following:
1. The “switch” you bought is a Layer 3 Switch, “Linksys 48 port switch - SRW248G4″. Layer 3 is the Routing Layer, so you do not have a simple switch, even if L3 is turned off. You didn’t say what type of switch you replaced, but if it was a simple Layer 2 Switch, you may have inadvertently complicated your troubleshooting. Occasionally, these smaller L3 switches seem to get lost and start blocking ports. I suspect they decide to start routing or pop in a bogus VLAN setting. The cure is to power-off-reset the switch. Doesn’t seem likely after you have substituted the old switch with a new one, but keep the L3 complexity in mind.
2. You didn’t mention explicitly, but older Netware systems used IPX/SPX protocol, instead of the TCP/IP stack. Typically, PC’s could load both stacks and know to use TCP/IP for Internet traffic and IPX/SPX for Netware traffic. It was actually a pretty good security measure, if you used an Internet gateway that could not route Netware. However operating both in the same network can occasionally cause problems, usually with the Netware network, particularly if you use Microsoft’s clone of the Netware stack. (I don’t think this is likely here.)
3. Are all the NICs from the same manufacturer? You could have a driver problem. You should never have to remove a device, remove the card, and reinstall the NIC more than once. Update the driver and/or totally replace the NIC with a different brand. I would do the driver first.
3. Do you have a Microsoft “domain”, rather than using Windows Networking? Are you pushing profiles to the PC’s from the server? The profile could be corrupt - or just flat wrong.
4. The next time a PC “hangs up”, look at the properties for your NIC and the logical device “Local Area Connection” or whatever in Network Connections. Look at the “Support” to determine the current IP settings, particularly the address, subnet, and gateway. Look at the TCP/IP (and possibly Netware - called IPX - properties if you are using that) to make sure they are consistent with your network. Also, in Control Panel, check Internet Options to make sure an unwanted Proxy has not popped up (Connections Tab, then LAN Settings button near the bottom). Look at your “hosts” file to be certain a virus has not redirected your packets - probably your firewall would block access, but hey, that’s exactly what you are experiencing:
5. You may run netstat -a in a DOS window, after the problem occurs, and note any unusual connections. Get upset if you see a local port being directed to an unexpected IP address, sometimes with a DSL or Cable Modem imbedded address as part of a domain name (example below). If you find this, you can edit your HOSTS FILE: in c:windowssystem32driversetchosts you should only have this entry,
127.0.0.1 localhost
If you see something else, it may be a virus reinserting itself (I had this happen repeatedly until I changed the hosts file and write-protected it. You can also get rid of a redirection you find in netstat without finding the registry key:
127.0.0.1 localhost ;existing default line, loopback
127.0.0.1 adsl-65-64-xxx-yy.ded.swbell.net ;add this line to dump calls to this host (xxx-yy were the real IP octets, but I changed them to hide the perp.)
Finally, you may have a rootkit, trojan, or a compromised VPN tunnel from an infected machine connected via IP-SEC. Rootkit Revealer from SysInternals is pretty good, but the best advice, if you think you have a rootkit, is still to scratch the disk and start over.
j88tru
Exchange, Hardware, Cabling, Microprocessors, NIC, Printers, Servers, OS, Security, Desktops, Management, Access, Microsoft Office, Microsoft Windows, Patch management, SQL Server, Networking, Availability, Bandwidth, Routers, Switches, Hubs, 3Com, Avaya, Cisco, Dell, Enterasys, Foundry, Hewlett-Packard, Juniper, Lucent, Nortel, Network monitoring, Network protocols, Ethernet, FDDI, Frame Relay, H.323, IPv4, IPv6, MPLS, NetBIOS, Novell IPX/SPX, SIP, TCP, Networking services, DNS, Active Directory, Bind, DHCP, Lotus Domino, General Directories, LDAP, NFS, Novell NDS, WINS, Performance management, Ping, Application security, Instant Messaging, Encryption, Database, secure coding, Current threats, Viruses, worms, Hacking, Spyware, Trojans, backdoors, human factors, Identity & Access Management, Digital certificates, Single Signon, provisioning, Security tokens, Biometrics, Network security, Firewalls, VPN, Intrusion management, Incident response, Forensics, Wireless, Platform Security, vulnerability management, patching, configuration, PEN testing, Security Program Management, Compliance, Risk management, CRM, Policies, Disaster Recovery, Web security, access control, Browsers, SSL/TLS, filtering, DataCenter, Tech support, Interoperability, Software
For some reason, at random, among 20 PCs on my network, in the morning or during the day, the network connection stops responding for both intranet and internet communications.
0
