IIS 5 & IIS 6
IIS: website(s) become unreachable to outside network
Apr 29, 2008 01:34 PM | pjbackman
I've read through the vast majority of the postings in this forum to see if a similar scenario is already addressed, but didn't find anything of the same nature, so I'm looking for some input.
Here is the situation.
I have a small home office rack that contains three Windows 2003 servers and a workstation.
All four machines are being supplied both a static IP address from the internet provider, and an internal IP address from a router (for secure access of internal resources).
Both webservers are spec'd as follows:
Both webservers host a small collection of websites that are set up on the external IPs and visible to the Internet (example:
The third machine is an Exchange and Active Directory/Domain controller.
The network setup is pretty simple. There's a business cable modem, attached to a 16 port switch. All three servers and my workstation are on the switch, along with a wifi router. All 4 machines and router are getting a static IP from the ISP. All four machines are also plugged into the router and getting internal static IPs. There is no hardware firewall, but the servers are port locked except for the common ports used for a webserver.
All three machines were recently built/configured and were working pretty flawlessly, until about two weeks ago.
That was when I noticed that while my websites on both servers were visible and properly resolving from my workstation (resolving and properly loading on the external static IP), any attempt to load them from a remote server timed out with a timeout/DNS
I scoured all the logs looking for any service failure or event that might have caused it. There was nothing that looked out of place other than the WinHTTP Auto proxy service stopping within a couple hours of the time I would notice the issue. But restarting the service didn't solve the problem.
And even though the sites would behave as though the website was offline from the outside servers, all attempts to ping the URLs and nslookup the URLs would work fine. Pings replied from the correct external IP and nslookups returned the correct external IPs. All the website profiles in IIS are set explicitly to bind to the external IP, rather than All Unassigned.
But the second I pulled up the sites from my workstation (even after disabling the internal IP I was using for internal access) the sites would resolve fine.
So, I began thinking I might have not properly set up the machines in the Active Directory/Domain, so I removed both machines from the domain, and removed both the DNS and WINS server entries from the network adapter configurations on the web servers.
At this point, both web servers are acting as standalone servers without any domain connection or association to other machines on my network/domain.
Yet, about every 24 hours or so, one or both of the webservers will -- without corresponding errors or events in the log -- stop serving sites up when accessed from remote servers even though my workstation can still view them fine.
Has anyone seen any phenomenon like this or know where I might look to chase down a fix?
Apr 29, 2008 03:25 PM | swerve713
This has a lot of layers to address, so I'm just going to throw out some suggestions.
1) Find a buddy external to your environment to help troubleshoot. When the site is no longer coming up in a browser, see if he can even telnet to port 80 on any of your public IP addresses.
2) You mention the ports are locked down, are you using Windows Firewall?
There are external monitoring services that can alert you when your public web presence is down (Red alert, etc) but you may also find an external workstation and use a simple VBScript to call the XMLHTTP object for testing. A script scheduled to run and log a simple pass/fail in a log file might go a long way to get a better idea of exactly when the service goes down.
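The scheduled pass/fail check suggested in the reply above, as an added example that is not code from the thread: it is written in Python rather than the VBScript/XMLHTTP approach mentioned, and it records which layer failed (DNS lookup, TCP connect to port 80, or the HTTP request itself), which separates "ping and nslookup work" from "the site answers". The hostname `www.example.com` and the log file name `probe.log` are placeholders.

```python
import http.client
import socket
import time
import urllib.error
import urllib.request

def probe(host, port=80, path="/", timeout=5):
    """Check one site layer by layer; return (stage, detail)."""
    try:
        addr = socket.gethostbyname(host)            # same question nslookup asks
    except socket.gaierror as exc:
        return ("dns_fail", str(exc))
    try:
        # Equivalent of "telnet <ip> 80": does the TCP handshake complete?
        with socket.create_connection((addr, port), timeout=timeout):
            pass
    except OSError as exc:
        return ("tcp_fail", f"{addr}:{port} {exc}")
    # Request by IP with an explicit Host header so the result reflects the
    # address just resolved; ProxyHandler({}) bypasses any configured proxy.
    req = urllib.request.Request(f"http://{addr}:{port}{path}",
                                 headers={"Host": host})
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(req, timeout=timeout) as resp:
            return ("ok", f"{addr} HTTP {resp.status}")
    except urllib.error.HTTPError as exc:            # server answered with 4xx/5xx
        return ("http_error", f"{addr} HTTP {exc.code}")
    except (OSError, http.client.HTTPException) as exc:
        return ("http_fail", f"{addr} {exc}")

def log_line(host, result, now=None):
    """Format one timestamped PASS/FAIL record for the log file."""
    stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(now))
    status = "PASS" if result[0] == "ok" else "FAIL"
    return f"{stamp} {host} {status} {result[0]} {result[1]}"

def run_once(hosts, logfile="probe.log"):
    """Probe every host once and append the results to the log."""
    with open(logfile, "a") as fh:
        for host in hosts:
            fh.write(log_line(host, probe(host)) + "\n")

if __name__ == "__main__":
    run_once(["www.example.com"])  # placeholder; schedule from an outside machine
```

Run from a machine outside the affected network every few minutes, the log timestamps show when outages start and whether they fail at the TCP or HTTP stage.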
Apr 29, 2008 03:33 PM | pjbackman
I manage a number of servers on remote networks, so I can and have been checking it from the outside (which is how I was able to ping and nslookup remotely).
I set up website monitoring on the sites this morning, and will attempt to telnet back to it the next time I get an outage.
I had one only a short bit ago, but I rebooted the server as a fix before I saw your reply to test the telnet check.
And yes, both servers are firewalled using Windows Firewall and the Security Policy wizard in Windows 2003 server.
Mar 10, 2009 02:25 PM | jamesmoore
I'm experiencing the same behaviour on one of my web servers. ColdFusion website has two hostnames, pointing to same IP. One will quit working while the other works, sometimes this happens on the Internal network, sometimes external. Sometimes both URLs won't work. Sometimes only the URL with HTTPS won't work, but both URLs work without HTTPS. Not sure if it's because of the <cflocation> tag in my Application.cfm.
Did you ever find a resolution?
Mar 11, 2009 12:41 PM | pjbackman
Sadly no. The behavior continues to this day. The most troubling thing about it is that it doesn't occur on a constant basis, only a few times a week.
The only additional symptom I can report is that two of the three servers with CF on them are affected. The third machine which only has AD/Exchange isn't affected. On top of which, the outages tend to happen within 15 minutes of noon and midnight.
There aren't any scheduled tasks in Windows or CF that might be causing it from what I can tell.
I've somewhat resolved myself to assuming it's something happening as a result of either my ISP from whom I'm getting my bizclass cable, ColdFusion, or both.
I'm in the process of relocating to a new state, and will reconfigure the servers and let you know if the behavior continues on a new network/ISP.