Windows 2003 Server: NAT, ARP Cache Issue

[jumbo_cards]

Hi guys,

I'm working a server that is running Windows 2003, the server itself is a router. Which means all the internal LAN computers will go through this server as a gateway into WAN. It is a dual NIC setup, 1 NIC is connected to the WAN and another is internal switch.

the problem:

Everything works fine and so on... however once in a while, LAN computer will not be able to browse the net or ping or whatever... it seems like they are off the connection. But my server WAN connection is still connected (although even the server won't be able to browse anything).

Here is my situation:

When the problem happens, it won't be fixed until I "repair" my WAN connection. However, I get an error message saying "ARP cache fails to clear". Even though repairing says failed, my net will be back up and the computers behind LAN will work again. But after awhile samething happens.

I've done some surfing on this ARP caching problem, the most common solution is to disable routing and remote services. Which I did and it does clear the cache. However the problem doesn't go away once I re-enable my routing services.

I really need to know if there is a solution to this. Is there a way to keep my connection stable without the disconnection and keep NAT services running while not having ARP problem.

I'm sure there are plenty of Window Server based NAT out there... Please help me~

Thanks.

[+BudMan MVC]

Have you tried clearing your arp cache on your own?

The repair options does this

http://support.microsoft.com/kb/289256

A Description of the Repair Option on a Local Area Network or High-Speed Internet Connection

NOTE: The actions occur in the order that they are listed. A corresponding command is listed next to each action.

? Dynamic Host Configuration Protocol (DHCP) lease is renewed: ipconfig /renew

? Address Resolution Protocol (ARP) cache is flushed: arp -d *

? Reload of the NetBIOS name cache: nbtstat -R

? NetBIOS name update is sent: nbtstat -RR

? Domain Name System (DNS) cache is flushed: ipconfig /flushdns

? DNS name registration: ipconfig /registerdns

The following action has been added to Windows XP Service Pack 1:

? IEEE 802.1X Authentication Restart

How about you actually figure out what your issue is vs clicking a magic button?

Which step do you think is fixing your issue? I would guess that your wan connection lost is dhcp lease.. So step 1 is what is fixing your problem. Or ir could be a flush of your dns.. but I would assume when you tested that you could not ping -- that you would actually test with IP vs name.. since otherwise its a pretty lame test for connectivity.

Can you ping your wan connections gateway would be the first test you should do in testing connectivity.

As to why you can not clear you arp cache? Im curious how much is in your cache when you try to clear? How about you do a arp -c to view your cache before you clear it.

Vs clicking the magic "repair" button next time -- how about getting some actual info on what yo;) problem is ;) Do you still have an IP on your wan interface? Can you ping your ISP gateway by IP? Just because your modem has sync an shows a light does not mean you have connectivity, etc.. Kind of hard if no IP address, etc.

[jumbo_cards]

Hi, Thanks for the response...

I don't think it is the ARP problem anymore. However, instead of using repair... I can bring back my net by typing ipconfig /renew at the command prompt.

However I don't think it is an ISP problem, since I tried a Dlink router which seems to keep my connection on perfectly.

arp -c command show normal status with the routing information

When this problem hits, I cannot ping my ISP gateway (or any external websites using domain names or IP), it seems any traffic through my WAN is lost. I still have external IP address. It will not work even by unplugging the physical WAN connection and plugging it back in (in which I still would get an IP address). I have to renew using ipconfig to bring my WAN back online.

This problem does not happen on a predictable time frame, it can happen 5min since I last fix it.. or 5 hours.

Regards,

[+BudMan MVC]

Well unplugging the interface an plugging it back in would renew an IP.. What IP address do you think you have when it does not work -- if 169.254.x.x that is a APIPA an not going to do you any good.

When you do a renew -- do you get a new IP address??

I would suggest you post the output of ipconfig /all showing what your IP address is an lease time on your WAN interface, when its working. Please snipped out the last 2 octets so no one has your IP.

Please NOTE what your IP address is, an what the dhcp lease time is, etc.. example

Lease Obtained. . . . . . . . . . : Wednesday, October 31, 2007 9:32:23 AM

Lease Expires . . . . . . . . . . : Friday, November 02, 2007 9:32:23 AM

When you have the issue -- please do another IPconfig /all an post what it shows.. Then do a IPconfig /renew -- an post what it shows after it works.

Please make sure to NOTE -- if you are getting a new IP address, or renewing the same one.. How long is the lease, etc..

Normally the IP address would attempt to renew at the 50% mark of the lease time.. And you should be good until it actually fails to renew -- at which time you would loose your IP, an could switch over to tha APIPA address (169.254) which would be useless to get on the internet with, etc.

Since you say it works fine with a router -- I would assume your having a dhcp renew issue with your ISP an this servers wan interface.

[jumbo_cards]

At no point in time do i get an 169.254.x.x IP.

I don't think it is DHCP renew problem. When my WAN port stops responding, it still shows my correct internet IP. I'm not at the computer now, but I'll post the lease time and stuff later.

when I unplug, and replug, I get the same internet IP just fine, but still won't be able to access the net. Only when I do ipconfig /renew will I be able to get back.

I'm using cable modem to the internet. So essentially, when the problem hits, I can't even access my cable modem's built in http server. So I'm quite sure it is not ISP problem but a windows server configuration problem.

The weird thing is that I've setup this server since 2 weeks ago. And only since last week it started to show this problem, before it would be on all the time >.<''

On other forums, I found users with the same sort of connection problem and arp cache (although, I don't think it is arp problem at all now, just that arp can't be flushed with NAT routing services on.) However, there is really no answer to that connection problem or what might be causing it. The fact that it started out okay and started to happen after few days or so confuses me. I can reinstall windows server and the problem will probably go away for a few days... but then it will just come back.

See here and here

I can switch NIC to another brand I guess, or just forget Windows Server and install Linux as the router. But that would be so time consuming to set up... arg >.<''

[+BudMan MVC]

If you have a router that works fine -- why do you feel windows as a router is helping you? Are you using ISA? What features of windows as a router do you need/want?

Using a windows OS is a pretty expensive router if you ask me ;) An what does it get you? Without ISA is pretty limited on the feature set.

If your looking for a good router -- I would go with ipcop, smoothwall, m0n0wall or pfsense, etc. as choice for a router OS. I can tell you right now that ipcop or pfsense should only take about 15 minutes to have up an running.. http://www.pfsense.com/ you could boot from liveCD to check, etc.

[jumbo_cards]

Hey,

I've redid my NAT service again, but more carefully this time... The good news is that it seems to be no dropping now. I haven't lost a single connection yet. Although if this works, I don't know what I did to the server in the beginning.

Regarding why I use a server as a router... well, its mostly for self-learning purposes and somewhat of curiosity. My router is good, but lacked downstream QoS, besides, I have a server running as file and ftp/web most of the time... So I decided to merge them to see.

Anyway, I'm running into other problems with VPN >.<'' But I guess I'll make another thread for that.

[+BudMan MVC]

Are you running ISA on this server -- 2k3 out of the box does not support any type of QOS or bandwidth shaping.

If your looking for a good do everything OS, routing file serving, vpn, etc.. I would suggest you check out ClarkConnect -- the free version should suite you just fine.