Home / server / Questions / 410776
Accepted
Mike
Asked: 2012-07-25 10:40:04 +0800 CST

Why do a few of my customers lose HTTP connectivity for brief periods?

  • 772

I am running IIS 7.5 on Server 2008 R2 virtualized on a Windows Core 2008 R2 server on Intel server hardware sitting behind a Sonicwall firewall.

For a number of months now, we've had a trickle of customers (maybe one per week) contact us to say that they can't access the website. When this happens I immediately start diagnosing the problem and here's what I find:

  1. I can access the website.
  2. Our support staff at other locations can access the website.
  3. Presumably (because we don't hear from them), other customers can access the website.
  4. The customer can ping and tracert to the server.
  5. The customer cannot access other websites on the same server that share the same IP address.
  6. The customer can access other websites on the same server that use different IP addresses.
  7. iisreset does not resolve the problem.
  8. Resetting the customer's router does not resolve the problem.
  9. Flushing our firewall's ARP cache does not resolve the problem.
  10. Changing the customer's browser and/or rebooting his machine does not resolve the problem.
  11. Switching to a different computer behind the customer's router does not resolve the problem.
  12. In 15 - 30 minutes the problem somehow magically resolves itself and the customer can once again access the website.
  13. When it fails, the customer sees a timeout message and the IIS logs show no record of the request at all.

Other notes:

  1. There doesn't seem to be a pattern as to which customers this problem affects.
  2. We are not using load balancing.
  3. Except for the firewall, there is no other security software/hardware in front of IIS.
  4. The IIS VM has all the latest Windows Updates.
  5. The Server Core installation has all the latest Windows Updates.
  6. The Sonicwall is running the latest firmware.

Things I suspect may be the problem:

  1. If the customer's browser was incorrectly resolving the DNS for the website that could cause all of the above problems. Next time it happens I'll use Fiddler to verify the IP address the browser is trying to connect to. Not sure why ping would then be able to resolve it correctly from the command line though.
  2. Perhaps the Sonicwall is somehow blocking the connection. If this is the case, it is blocking only a specific source IP + destination IP + protocol, and only for 15 - 30 minutes. I do not have any of the Sonicwall's advanced filtering services licensed/activated. I can potentially test this theory by resetting the Sonicwall while the problem is happening, which is a bit of a scary proposition considering the other users accessing the server at the same time.
  3. Perhaps the virtual network connection between Server Core (the host O/S) and Server 2008 R2 (the guest O/S) is somehow blocking the connection for some period of time. Not sure how I can test/diagnose this one.
  4. Maybe some weird problem with the NIC drivers on the host machine? Not sure how to test this one either.
windows

1 Answers

  1. Best Answer

    It's not a very satisfying resolution, but I wound up moving from the virtualized solution I described above to a standalone server and so far the problem has gone away. I don't know if it was a problem with the previous host machine's network card, the virtual network adapter sitting between the VM and the host machine, or something else entirely, but for the moment things are running smoothly. If the problem pops up again I'll update this question/answer.

    • 0