Is it possible that you simply have a DNS problem? The conditions you desrcibe are exactly what would happen if your system couldn't contact a DNS server in the process of resolving URLs to their IP addresses.

Try this:

- Open a DOS box

- Type:
ping 64.233.167.99

and then:
ping www.google.com

If the first works, but the second doesn't (both pings should reach Google), check the DNS server IP entries in your TCP/IP properties and make sure the IPs are present and correct.

what if the ips are not present and correct? then what should i do?

help

If your computer connects directly to your cable modem, it's most likely that you're supposed to be getting all of your IP info from your service provider automatically via the DHCP protocol.

Open your Network Connections, right-click on the Local Area Connection, and choose Properties from the resulting menu.

In the General tab of the Properties window, double-click on the "Internet Protocol (TCP/IP)" entry. Check the "obtain...automatically" options for both the IP and DNS settings.

Click OK in the Properties window and again in the Network Connections window.

Open your Internet Options control panel. Go to the Connections tab and click the "LAN Settings..." button; make sure the "automatically detect settings option there is checked.

Reboot just to make sure your changes take effect.

Once the computer reboots, you can see if it picked up its IP info automatically by opening a DOS box (MS-DOS Prompt) and typing the following command:

ipconfig /all

That should show DHCP to enabled, and should list your IP address, subnet mask, gateway IP, and DNS server addresses.

If the above doesn't work, post the info that the ipconfig command did report.

When I first installed XP SP2, I immediately turned off the firewall because I already have a Linux firewall protecting the LAN. I then got the maddening DNS error or server not found error message. I also had a heck of a time using POP3 to pull down mail messages from the Linux mail server (also on the firewall).

Since I'm running a caching DNS server on the Linux firewall, this made no sense to me what so ever. I should be getting DNS name resolution at the 100 Mb of the local LAN. Additionally, I'm running a squid web proxy server, so if there was a DNS error, I wouldn't be getting the IE error message. I would be getting a squid error message, but no, I didn't get that either. Very strange.

I monitored the squid cache access log file, and I was not seeing any web requests being logged when XP's IE was getting the DNS / Server error message. Hmm. So the XP based web request packets were not making through to the squid server. By pressing the Refresh button often enough, eventually the web page would come through, and when it did, I saw the web page request in the squid log, so squid was performing as expected.

I tried the ipconfig /flushdns and it seemed to help, but the problem came back after a few minutes. I tried setting the NegativeCacheTime http://www.tech-recipes.com/modules.php?name=Forums&file=viewtopic&t=344&start=0&postdays=0&postorder=asc&highlight= and give it a value of 0, rebooted, but this didn't fix it either, and initially really slowed down the web access. Web access speed came back after awhile, but still didn't resolve the probem.

In both cases, the clients are not configured with a DNS name for the server, they are configured with IP addresses. So, a DNS issue does not appear to be part of the problem here. In the case of the mail client, the POP3 server and the SMTP server are configured with the IP address of the Linux server providing these services. In the case of multiple web browsers that I tried (IE 6, FireFox and MyIE), the proxy server configuration was defined as an IP address and a specific port number, and yes, the port number was configured in the firewall to allow access.


I ended up turning on the firewall again, and the problem cleared up for a few minutes, and the web access performance is as good as it ever was, so was the POP3 mail fetching. OK, problem fixed. Well, sort of. Well sort of NOT! Outlook continues to have problems with POP3 even when using an IP address.

OK, so if the dnsrslvr.dll from SP2 is causing the problem, perhaps we can use the dnsrslvr.dll from before SP2 was installed. I ran regedit, went to HK_LOCAL_MACHNE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters and replaced the value of the ServiceDll string value with C:\WINDOWS\$NtServicePackUninstall$\dnsrslvr.dll, figuring that it would use the DNS cache functionality before SP2 was installed.

Well, I ran this for some time but it didn't solve the issue. Reither did using repair on the nework connection, and nether did running ipconfig /flushdns when the problem did occur. The only thing that I could find so far that fixes the problem is to disable and then re-enable the network connection in 'My Network Places' properties. This really sucks beause any applications that are using the connection abort when the connection is disabled, even for a short period of time.

However, let's consider the XP SP2 firewall's performance here. It will block packets from leaving the machine until some sort of counter is exceeded and only then let the packets though? (hitting refresh a number of times) Hmm. Or is it that it will only block packets from leaving the machine in certain cases, while allowing the same packets through in other cases? (When the web page finally makes it through)

Neither of these is really desirable performance for a firewall. Access should be granted 100% of the time, or blocked 100% of the time based on the firewall rules as configured. I think I just lost any faith in this firewall implementation. I'm sure glad that I've got my Linux firewall to keep my LAN safe, I'd hate to trust this one.

The other question I have is what sort of test program did Microsoft perform on the firewall? How could it possible have missed the valid configuration of turning the firewall off? Was this tested?

OK, so I think I have this figured out. You'll never guess what it was.

I've been running spybot search and destroy to keep spyware cleaned out of the system. Then added XP SP2 and the network connection went to hell, as you can read about above.

Then I downloaded adware's spyware cleaner, and it found a bunch of crap. Removed all of that stuff, and now it's fixed.

Guess you have to run both of these spyware tools on a weekly basis to keep things cleaned out and keep the system reliable.

Hope that this helps someone.

OK, since last post, I've done a complete sweep of spyware using both spybot and adware scanners, as well as re-installed SP2 in the hopes of resolving this problem. It doesn't.

The only way that I've figured out how to recover is to disable the network card and then re-enable it. The repair option does nothing. Anybody else have any clues as to what else to try.

Have you rebooted everything? Particularly the cable modem? What is the topology of your network? Is there a router in the mix? What kind? Have you rebooted it? First thing I would do is go directly into the cable modem, if you don't have the problems then you know you're looking at an issue with the squid/dns or something else en route to the internet. Also you could try hitting website's IP addresses instead of the name to see if the problem is related to name resolution. You need to take it down to minimum networking devices/services, update and reboot everything and then start working your way back down the line until you find the problem. What kind of network card to you have? Have you upgraded the driver for the network card? Good luck!

I've not rebooted anything except the client. The client machines is dual boot, so I booted it back into Windows 2000 and this works like a champ. The network configurations for both machines is identical, the same static IP address, the same DNS server (the Linux firewall machine), the same WINS server (again the Linux firewall machine), and the same fixed proxy configuration(again the Linux firewall machine).

Prior to installing XP SP2, the XP installation was as solid as the Windows 2000 installation WRT network connectivity.

No, this is a problem specific to Windows XP and SP2.

The network card? It's a SMC EZ Card 10/100 (SMC1211TX), so the drivers are part and parcel of both OS installations.

I hear ya but all the more reason to upgrade from the manufacturer...I'm with you though, I doubt it's the driver.

Here's something interesting, it looks unrelated but if you're using loopback functions in any way on this machine it might be worth looking at: http://support.microsoft.com/?id=884020

Here's some stuff for troubleshooting that you may already know, but just in case:

telnet <ip or name><tcp port>

A test to a using FQDN to a webserver (port 80):

telnet yahoo.com 80

if that fails see if it's related to DNS:

telnet 216.109.112.135 80

To test dns response telnet a DNS server on the port used for DNS query:

telnet 207.172.3.8 53

You know if it's working if you get a blank window...that lets you know you can communicate with the server you're trying to reach. A failure yields an error like this:

C:\>telnet 216.109.112.135 80
Connecting To 216.109.112.135...Could not open connection to the host, on port 80: Connect failed

I wanted to bring up DNS since intermittent DNS issues look like IP issues, and they may be but you also might be able to isolate a particular aspect of the SP2 upgrade by testing specific services.
At this point I'd be curious what services are running on this machine...I think IPv6 and possibly the Application Layer Gateway could be causing some problems. Do you know if you have UPnP enabled? Have you tried going through and disabling services when the problem is happening? I'm hoping the tests above might help give you some idea exactly where the problem is...is it routing, is it dns, is it the proxy -- obviously you know it's SP2 in some respect but we need to figure out more specifically what portion of your config it is having trouble with...possibly there's a tcpip setting that needs to be tweaked. Maybe try slowing down the link speed of the card to 10MB? Good luck!