In time I have my internal network drops all connections to my locally hosted website. After rebooting the web server all internal connections to the website works again, but it is only a matter of time for it to go down again.
When we goes down outside connections, say by using a proxy or a VPN from inside would still bring the website up; but internally, it appears as though our website is down.
What could be causing this? And how would I go about trouble shooting it so I can fix it? It is as if I am running into this exact same problem every 4 to 5 years.
Things I tried when it is down
Pinging domain name form internal network returns proper response with the correct IP (connecting over IPv4).
Remote Desktop connection from internal network to server also still works. I am connecting via Windows Workgroup Computer Name over a IPv6 connection using the NIC_internal adapter.
FireFox is not connecting:
The connection has timed out
An error occurred during a connection to my_domain_name.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that
Firefox is permitted to access the web.
I turned my Firewall off (temporarily) still no connection. I then accidentally totally reset my firewall ... what a disaster ... thank God for VM clones and backups.
Internal Emails that are hosted by the server are also down. Did not check if externally they are still working.
I found this similar post. Running C:\WINDOWS\system32>rout print reveled some very old network configuration setting under Persistent Routes Gateway Addresses. I removed them using
C:\WINDOWS\system32>route -p delete 0.0.0.0 192.168.10.100
but that did also not fix the problem.
My Network Setup
It is a somewhat disjointed setup with two NIC's on the server end. Internally we are using the Window Workgroup network.
ISP-Router has everything wide open and is acting as a switch providing internet access to Internal Network Router and the website hosted in Windows-VM on an Ubuntu Box. (IPv4)
Ubuntu Box is running VirtualBox, which runs a virtual machine (the actual server) Windows-VM. The Ubuntu Box has two NIC cards. Both NIC cards, NIC_web and NIC_internal, are made available to the Window 10 Server in VirtualBox as bridged.
NIC_web is connected to the ISP-Router. The internet sharing through that connection in Windows-VM is turned off.
NIC_internal (Ubuntu Box) is connected to the Internal Network Router (IPv4 and IPv6).
Internal Network Router gets the internet access from the ISP-Router, and provides internet access to the internal network. All internal internet traffic goes out via this router (which has a firewall).
My Windows-VM on an Ubuntu host
Windows-VM is running: Apache, IIS, Simple DNS Plus as DNS Server, hMailServer as Mail Server.
NOTE: I changed up my numbers a bit
C:\WINDOWS\system32>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Windows-VM
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter NIC_internal:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Desktop Adapter #2
Physical Address. . . . . . . . . : 08-00-27-31-14-DA
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6519:c34b:5366:56c9%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 386400285
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-79-28-9E-08-00-27-31-23-DE
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter NIC_web:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 08-01-27-99-C9-3C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 76.80.54.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.28
IPv4 Address. . . . . . . . . . . : 76.80.54.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.28
Default Gateway . . . . . . . . . : 76.80.54.2
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Windows\System32\drivers\etc\host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
192.168.1.5 me
192.168.1.6 nas
C:\Windows\System32\drivers\etc\lmhosts
192.168.1.5 me
192.168.1.6 nas
C:\Windows\System32\drivers\etc\networks
loopback 127
This setup usually works well... but since the last power-outage and some updates, things are somehow off.
Normally a server reboot fixes the problem. So, based on this, I am assuming that it's probably not a router or DNS problem.
In Windows-VM
nslookup from Windows-VM shows
C:\WINDOWS\system32>nslookup
Default Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61
>
brings up the ISP provided DNS server address. When querying my domain name from the nslookup dns-cac-lb-01.rr.com login, it provides me the correct IP address the domain name belongs to.
On an internal computer
nslookup from within the internal network logs me into the Internal Network Router
C:\Windows\system32>nslookup
DNS request timed out.
timeout was 2 seconds.
Default Server: UnKnown
Address: 192.168.1.1
>
I looked at the DNS log files to see if I can spot myself hitting the DNS server, but could not see any entries in regards to my Internal Network Router's IP hitting it. Some other router outside must have this cached.
Internal Network Router diagnostic tool
Ping works giving me back the proper IP.
Tracerting for domain name worked too, recording one hop.
I also rebooted the Router to see if maybe that would work, nothing.
I unplugged the NIC_internal cord just to see if it would influence something, besides disconnecting me from my Remote Desktop session, nothing.
Still no website.
