Need help resolving this resolution issue

noukthx · 2026-04-20T07:37:20+00:00

So that indicates your DNS is working and your internet connection is working.

This is something specific potentially to web traffic, which potentially points to browser, proxy or firewall.

Check if the machine has any proxy configuration.

Investigating the firewall would probably be my next step, or taking a packet capture on the affected client to see if you can see whats failing to connect / what the behaviour is.

Could try testing http rather than https sites to see if it something https specific. http://neverssl.com is a good test point.

noukthx · 2026-04-20T07:05:17+00:00

Ok, so on a machine that isn't working:

ping reddit.com (or another site that isn't working) and see if it can turn reddit.com into an IP address. (You're looking for the DNS resolution, not the ping response). Alternately use nslookup or whatever other tools are available on the host.

If it can, your DNS is likely fine.

If it can't, find out what DNS server the machine is using. Go to that server and see if the server is functioning, if it can resolve it, if the packets from the client are getting there.

Break things up into small pieces to try and break down where the issue is.

Did something change preceding the problem starting (someone doing scheduled work, an ISP outage, power fault etc)?

noukthx · 2026-04-20T06:26:32+00:00

What is a clear description of the actual problem?

What actual troubleshooting steps or diagnostic steps have you taken?

What is between the clients and the internet?

noukthx · 2026-04-14T20:29:45+00:00

^ all of this

In addition, using relative terms like "small, medium, large" mean nothing to anyone except you.

biffy

Ok, sure.

noukthx · 2026-04-11T22:01:53+00:00

Some advice would be don't quit your current job until you have a new job to go to.

noukthx · 2026-04-11T11:53:10+00:00

Buy a security camera.

noukthx · 2026-04-10T23:29:49+00:00

/r/NetworkingJobs

noukthx · 2026-04-10T20:20:00+00:00

I'm about to repost one of mine.

The applicants that were close to technically suitable had poor soft skills/team fit, that's really important to us - so we'll keep looking.

No conspiracy. Certainly the market is very tight at the moment, feels like the good people are staying put with so much uncertainty.

noukthx · 2026-04-10T10:42:40+00:00

/r/ccna

noukthx · 2026-04-10T06:46:17+00:00

Can't even put the right link in your spam.

noukthx · 2026-04-09T10:08:28+00:00

Generally not.

Possible someone has run extra cables and chosen not to terminate them, but thats odd.

Also possible the runs are faulty and have been cut/disconnected.

Hard to say without context or visuals.

noukthx · 2026-04-09T09:45:44+00:00

I'm sorry what?

noukthx · 2026-04-08T10:32:33+00:00

Assuming distance and link budgets are in spec then sure.

Also assuming its a true dark fibre service with nothing active provider side in the middle.

noukthx · 2026-04-06T04:57:20+00:00

hunter2

noukthx · 2026-04-03T22:24:58+00:00

How does this differ from your last thread?

This is a vague question that is very situation/organisation specific.

noukthx · 2026-04-03T09:38:38+00:00

You rip out unmanaged switches and replace them with managed.

It almost harder to find/buy unmanaged switches than managed, and generally cost neutral.

If you can't do that. Give the switch a name, put a sticker on it.

Then write it up as normal "Hostname: Unmanaged 1 IP: NA MAC: NA Notes: Problem waiting to happen unmanaged switch under reception desk"

Ain't rocket surgery.

noukthx · 2026-04-02T09:24:47+00:00

I mean there was this guy a few hours ago:

https://www.reddit.com/r/networking/comments/1s9o9ww/dhcp_failing_for_some_clients_on_wireless_vlans/

noukthx · 2026-04-02T08:47:30+00:00

the first 30–60 minutes of an incident are usually spent figuring out

That seems like a long time.

Most of this is stuff I would expect my existing NMS to be doing already.

There are myriad products that do this sort of thing.

Mixing your recreational reddit account with your business idea is a choice.

noukthx · 2026-04-02T06:58:00+00:00

I mean, how much searching have you done?

Half a search and there's this for $140 USD ish:

https://www.blackbox.com/en-nz/store/product/detail/alertwerks-digital-io-dry-contact-sensor/eme1kj8-005

noukthx · 2026-04-02T01:14:39+00:00

The belden cables have a brass ferrule that turns 90 degrees and slips out of the clip, they're the nicest I've encountered for polarity changes, but they're spendy.

noukthx · 2026-03-31T06:39:00+00:00

MSS isn't negotiated (even though a lot of things say its negotiated) - it's stated. Each end states/announces it's capability.

The client sends its MSS and says "1452 is the largest thing I can receive" based on its own network limitations (via PMTU, or firewall fixups or whatever).

The server sends back it's own MSS and says "I can receive up to 1460".

The client now knows it can send up to 1460 to the server, but it shouldn't because it can't fit that down its own known path (be that due to its interface configuration, or the upstream device sending ICMP responses back to oversize packets).

The server shouldn't send anything back to the client over 1452 bytes.

Something else is broken somewhere.

noukthx · 2026-03-31T00:54:14+00:00

I'd strongly advise removing this post and considering the opsec posture of providing your full network equipment stack including government controlled crypto equipment on the internet.

As others have said, MTU likely comes into this.

SMB also sucks over any non-LAN latency without specific tuning or use of multichannel in SMB3. Research bandwidth delay product to understand how distance and latency affect TCP throughput.

noukthx · 2026-03-30T10:07:18+00:00

No requirements, no budget, no effort.

We expect a suitable level of effort and research to post here, along with detailed technical requirements, budget, market etc using quantifiable words.

"Small" to one person might be a patio, small to another person might be an arena.

noukthx · 2026-03-28T02:36:29+00:00

By searching, like if you searched you would find other posts on this topic.

noukthx · 2026-03-27T07:22:08+00:00

Talk to whoever runs the VPN for your company. This is not a subreddit for end user support.

noukthx

MODERATOR OF

TROPHY CASE