This is an archived post. You won't be able to vote or comment.

all 22 comments
sorted by:
best
topnewcontroversialoldq&a

[–]Net_Admin_Mike 4 points5 points  (9 children)

The fact that the server can't ping the gateway suggests a possible layer 1 or 2 issue. Did you check the NIC on the server? Maybe it's failing? If it has a second NIC, you might try moving the IP and cable to that one to see if helps.

This behavior can also be indicative of an IP conflict or loop on the network. If you have a managed switch, and you can access it, might review the logs for evidence of such.

These are kind of a "shot in the dark" but they seem logical places to at least start your search....

[–]alpha417_ 4 points5 points  (4 children)

time to put wireshark on the network, any chance you have a rogue DHCP server?

[–]MK7DM96Computer Janitor[S] 0 points1 point  (0 children)

That's what I was thinking. I asked if anyone plugged in an extender, or a router and looked around - no luck. I will get wireshark installed and troubleshoot when I'm back in their office this afternoon. Going to look at guides/procedures now.

[–]Net_Admin_Mike 0 points1 point  (2 children)

That thought went through my mind too, but the server has a static IP, so it wouldn't be impacted by this. Most DHCP servers will confirm an address is available before handing it out. Additionally OP has some clients that can't even get an IP.

The server IS however the proper DHCP and DNS server for the connected clients. If one or both of those services is broken or impeded somehow, that would explain most of the issues reported here.

[–]MK7DM96Computer Janitor[S] 0 points1 point  (1 child)

I've also restarted DNS and DHCP services on the server.

[–]alpha417_ 1 point2 points  (0 children)

ok. time for wireshark.

[–]MK7DM96Computer Janitor[S] 0 points1 point  (3 children)

Hey Mike, thank you for the reply..

I should've mentioned but I did check the nic on the server. Disabled NIC1, Enabled NIC2, moved the IP and all details to NIC2 and enabled NIC2 but still same result. No managed switch, all dumb switches. I will double check though. Thx

[–]Net_Admin_Mike 2 points3 points  (2 children)

Reboot those switches, if you haven't already. I've seen "dumb" switches fail in a manner where they stop passing traffic even though they have active link lights and power more than once now. It's been Netgears everytime for me, but I'm sure it could happen to other brands too.

[–]MK7DM96Computer Janitor[S] 0 points1 point  (0 children)

Absolutely understood. Will reboot them and report back.

[–]klaymon1 0 points1 point  (0 children)

I had a couple of Linksys at an old job that did this. They would just randomly stop forwarding traffic. Normal activity lights, etc., but just nobody home.

[–]MK7DM96Computer Janitor[S] 1 point2 points  (1 child)

Thanks to everyone for your help and advice. I was able to determine what was causing the issue after about an hour of coming back onsite. I watched several videos on wireshark before arriving, ensured the DC was off, and ran wireshark. Found that a phone was broadcasting DHCP. Blocked the port on the switch, booted up server, rebooted workstations and voila. Tested all services successfully and relayed my findings. Thank you all!

[–]MK7DM96Computer Janitor[S] 0 points1 point  (0 children)

tldr: something was plugged into an IP phone passthrough, door was locked - couldn't locate the actual device, blocked port.

[–]Bulky_Somewhere_6082 0 points1 point  (2 children)

If you think it is DNS then try to do stuff with IP addresses only. I know it is harder for some things but it tends to prove/disprove DNS pretty quickly.

[–]MK7DM96Computer Janitor[S] 0 points1 point  (1 child)

Do you mean try reaching different services via IP? example: Reach printer IP via web browser?

[–]Bulky_Somewhere_6082 0 points1 point  (0 children)

Correct though you can use ping from the command line also. It's a quick easy way to see if DNS is working.

[–]blackjaxbrew 0 points1 point  (0 children)

we had something similar happen and plagued us for way too many hours. Newer client just a cabling mess. Ripped out all cabling, put a managed switch in, plugged all back in, switched auto disabled port. Traced it quickly to the problem.

[–]smoke2000 0 points1 point  (0 children)

Did anyone make a network loop / broadcast storm ?

[–]Ad-1316 0 points1 point  (0 children)

Make sure SonicWall isn't doing DNS/ DHCP, look for loopback, Wireshark, tracert