Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- From: Siv <Siv@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 7 Oct 2009 07:30:01 -0700
Kerry,
OK what would you recommend for a small business of 5 users?
Siv
--
Martley, Near Worcester, UK
"Kerry Brown" wrote:
Consumer routers are simply not acceptable for business use. The risk of a.
server being hacked and the disruption to the business while it is down
because you have to start again from scratch is too high. Even with the best
backup plan you would have to figure out when the server got hacked then
restore to that date. At best it would take several hours to a day to get
them up and running and the data changes between the restore to date and the
present may be lost. A $400 investment now will look pretty cheap in
hindsight.
--
Kerry Brown
MS-MVP - Windows Desktop Experience: Systems Administration
http://www.vistahelp.ca/phpBB2/
"Siv" <Siv@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5CF9CD61-1233-45E2-BF70-DCB129668A71@xxxxxxxxxxxxxxxx
Cliff,
Both these routers are firewall routers, I admit they are not as powerful
as
a dedicated SonivWall or the like, but for small businesses like these
they
are fine. These clients only have a four or five users and the costs of a
dedicated firewall is relatively high.
I am blaming Windows update for something as I have never known a Netgear
DG834G reset itself back to factory defaults on its own and unless the
staff
in the office are lying to me and have started messing with the router the
only thing that does mess with the router is Windows. Also this setup has
been running for ages without any issues and then just prior to the
problem
starting a number of Windows Updates were applied.
I appreciate that MS test all their updates and this is unusual, which is
why I am posting it here as a question. My clients are back up and
running
so I am not after further assistance, I just wanted to raise the question
to
see if any other users were reporting this sort of fault. I just felt it
was
too much of a co-incidence that I have two clients on SBS 2008 and they
both
went down after Windows updates were applied over the weekend!
Both machines are working again fine, but it took a lot of messing with
the
DNS settings to get things working properly again.
In the second system I mentioned I did log into the router from the SBS
box
using its web interface and was able to connect to it without any issues,
so
why couldn't the "connect to the internet" wizard locate the router on the
network, especially as the server's own NIC settings have the IP of the
router set as their gateway address??
"Even enabled, if the NIC is not connected to the network (which there is
no
reason for it to be) then enabling it won't impact DNS or DHCP. Both
service still bind to a NIC< so a second NIC will NOT impact the first
bindings."
On reflection I think I may have triggered the changes to DNS DHCP. This
occurred because at one point I thought that maybe the main NIC had some
kind
of weird fault that did allow networking but was confusing the wizard, so
I
switched the single connection to the router to the second NIC, this would
explain why DNS and DHCP picked up the second IP address.
So I'll take that one back, maybe I can't blame Windows Update for that
one.
I can blame something for enabling it in the first place as it definitely
wasn't enabled. I know this because I always rename the unused NIC's name
to
"Don't Use" and leave the main NIC as "Local Area Connection" so that I
don't
click on it and enable it by accident.
This particular client never goes anywhere near the server so I know that
they haven't done this manually themselves.
In the case of this second client with teh Draytek router, their router
hadn't been reset to factory defaults but it had become invisible to the
wizard and in fact the NetGear I replaced it with cannot be seen by the
wizard either, which prior to this issue it could without any problems.
Like I say it's all working fine at both clients but I would liek to know
what the hell happened.
Siv
--
Martley, Near Worcester, UK
"Cliff Galiher" wrote:
Inline:
-Cliff
"Siv" <Siv@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1C458171-DCD9-46E7-8FBC-3EB656B244AA@xxxxxxxxxxxxxxxx
Hi,
I have two clients who both run an SBS 2008 box with direct connection
to
a
modem router and they have both just gone off the net in the last
couple
of
days.
GET A FIREWALL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
(did
I stress that enough?)
It looks like a Windows update has done something pretty nasty to DNS
and
the router settings. My first client had a Netgear DG834G attached and
it
had
completely reset back to factory setings and thus was on a completely
different IP range to how it was configured previously.
Wait, you are blaming a router resetting to factory defaults on Windows
Update?
1) A router should always have a VERY strong password, and AD/servers
should
not know it...so even if uPnP is enabled (which I don't recommend() a
complete factory reset is still impossible UPnP only allows port
mappings,
not DHCP/DNS changes.
Also factory default
is that DHCP is enabled, so the SBS 2008 box was moaning about a second
DHCP
server on the network and a lot of the DNS records were mangled up.
Good! DHCP belings on the SBS server for a well designed network. SBS
had
a right to complain.
Had to re-input the settings to get the router back and then clean up
the
DNS records before the system would come back on the net and all cliets
had
to be re-booted to get the correct details from DHCP. It looks like
something
enabled the second (previously disabled) net card,
which then got a different
IP address to the first netcard and this affected DNS, DHCP and
Exchange
Server so that all client machines were getting the IP address of the
server
as the 2nd net card's IP address.
Even enabled, if the NIC is not connected to the network (which there is
no
reason for it to be) then enabling it won't impact DNS or DHCP. Both
service still bind to a NIC< so a second NIC will NOT impact the first
bindings.
Rule of thumb: Only plug cables into your switch that are necessary.
All very messy??
Indeed, but nothing I'd blame on SBS or WU yet.
The other client was even more strange, they had a Draytek Vigor 2800i
router, it had not been altered (probably because it didn't have UPNP
turned
on)
As explained UPnP only allows mapping of NAT ports. Not the changes you
are
describing.
but the second network card had been enabled and again DNS was all
mangled up and interestingly the "Connect to the internet" wizard can
not
find the router on the network. When I run the wizard it loses the
gateway
settings and thus internet connectivity, I then manually entere the
server
IP
and the router's IP and tell it to continue and after a long pause it
fails
with a red error icon saying to contact MS Product Support.
Of course it does. If step 1 is failing, so you are faking it and
manualy
entering settings, then step 2 can't be expected to succeed. Whatever is
causing SBS to fail the detection of your network is obviously going to
impact its ability to see the network on step 2 as well.
Wireshark. SBS BPA. These are your friends.
I manually reconfigured the net cards and set the IP settings manually,
also
had to set the DNS records back up as the IP address that had become
enabled
for the second network card was appearing in DHCP, DNS as the server's
IP
address and also Exchange had adopted it also.
Do not manually reconfigure. Fixing the source, not the symptom.
After a lot of manual tweaking I got everything back as best I could.
"as best I could" is obviously subjective, and as cruel as it sounds,
obviously not adequate. IF the manual fixes worked, I doubt you'd be
writing this.
Before making the changes I had configured a spare router with
identical
settings to the original one (new router was a Netgear DG834G again)
and
tried running the wizard against that router and it still said it
couldn't
detect it?? and also crashed the wizard when I entered the settings
manually!?
Bad NIC? Bad drivers? Bad update? Did you try running any diagnostics?
SBS BPA, hooking up a laptop to the router and generic ping tests,
etc....restore a backup?!?
Both machines had had a number of Windows updates, but I have not
managed
to
spend time comparing them to see if there was any commonality!?
Well, with any luck there is *a LOT!!!* of commonality. MS doesn't
release
patches because they like to have a record of 10 patches a month.
Patching
a server is a important part of the IT lifecycle. Don't blame WU
(especially being I have seen *no* evidence that an update is the
cause...)
but instead look elsewhere. You've described two servers with...although
similar, at the root, very DIFFERENT symptoms (the similarity ending with
loss of internet access) and with no idea to the cause(s). Just as
patching
is an IT must, so are backups. The longer you wait to troubleshoot and
resotre, the more stale your backups become...
Just curious if anyone else has seen this in the last few days??
Not specificallly. But there are plenty of DDoS attacks out there that I
don't specifically monitor for as they are common. MS regularly releases
updates and patches for attacks too, but there are also a few zero-day
vulnerabilities that have been documented and unpatches. So, I'll repeat
my
first statement....a firewall is CRUCIAL for any business installation.
They won't help with everytihng, but a good firewall would certainly have
prevented DHCP packets from reaching your internal network from your
router...as an example.
Siv
--
Martley, Near Worcester, UK
- Follow-Ups:
- Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- From: Kerry Brown
- Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- References:
- SBS 2008 Server losing DNS and Router Settings since Windows Updat
- From: Siv
- Re: SBS 2008 Server losing DNS and Router Settings since Windows Updat
- From: Cliff Galiher
- Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- From: Siv
- Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- From: Kerry Brown
- SBS 2008 Server losing DNS and Router Settings since Windows Updat
- Prev by Date: Re: I've followed numerous guides, but I can't get Exchange Active
- Next by Date: Re: I've followed numerous guides, but I can't get Exchange Active
- Previous by thread: Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- Next by thread: Re: SBS 2008 Server losing DNS and Router Settings since Windows U
- Index(es):
Relevant Pages
|
