I would second the network packet capture and if you need help deciphering feel free to reach out to me I would be happy to take a look at it for you.
Honestly, it could be a number of issues, and ping is not always the best way to diagnose these. Also since this is the only DC that seems to be having this problem you can always demote it and rebuild and repromote. This could be a NIC issue also ( are you seeing runts or giants or any other packet issues on your switch ports that the DC's are connected too) What does Dcdiag and Netdiag to the server in question show? Z Edward Ziots CISSP, Security +, Network + Security Engineer Lifespan Organization [email protected] -----Original Message----- From: Kurt Buff [mailto:[email protected]] Sent: Tuesday, July 03, 2012 1:24 PM To: NT System Admin Issues Subject: Re: Ping help On Tue, Jul 3, 2012 at 10:07 AM, Glen Johnson <[email protected]> wrote: > Need help please. > We have 3 x 2008r2 domain controllers. > We've been fighting with some unusually slow domain logins and other > flakiness for a while. > For example navigating between OUs in active directory users and computers is > painfully slow. > While testing basic connectivity, I found that a ipv6 ping to one of our > domain controllers fails, but here is the interesting part. > If I ping -6 from domain controller to my workstation, then for a couple > minutes, ping -6 from my workstation to the domain controller works. > After just about 2 minutes, it begins failing again when I ping workstation > to server. Destination host unreachable is the error. > Ping -6 from my workstation to all other servers and domain controllers work > fine. > I checked the windows firewall on the failing computer and it looks identical > to the other 2 domain controllers. > One point that may be relevant. The failing DC has 2 nics. I did try > disabling one of the nics and rebooting. No help. > Turned windows firewall off, no help. > Any suggestions appreciated. While I haven't run into this problem, I'd like to suggest an approach... Do you have access to a span/mirror port on the switch to which the 2008R2 server connects? Can you run a wireshark capture of the traffic between that server and the machine you're using to diagnose this issue? This will be your best bet for capturing the true network traffic. Also, is there anything in any of the logs on either machine? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
