10
4
I can't seem to figure this one out. I was using windows 7 and I had no issues with being VPN'ed into work and browsing websites. Since switching to Windows 10, it's another matter.
Windows 10 and no VPN, no issue. I can ping google.com and immediately get a response as well as the IP address. Windows 10 and VPN, The initial ping takes a good 10 seconds before getting responses. Once I get the IP it's fast, but the initial DNS lookup is slow. I can ping addresses directly and there's no delay so it's definitely DNS related.
I've done this in PowerShell:
Get-VpnConnection
Set-VpnConnection -Name "VPN Name" -SplitTunneling $True
I believe it works in the sense that very little traffic goes through the VPN, but DNS requests are still slow.
I've also disabled IPv6 from the VPN connection.
If it were possible to set the DNS servers to be used by the vpn connection, I think my issue would be gone, but I can't set them. The properties button on IPv4 doesn't do anything... at least not for the VPN connection.
Any other suggestions to get this to work smoothly?
1
See if this answer improves the situation.
– harrymc – 2015-09-04T14:08:46.703It didn't seem to unfortunately. – Recognizer – 2015-09-04T14:33:19.637
1
It seems like Windows 10 VPN is full of bugs and missing code. Try setting
– harrymc – 2015-09-04T18:33:27.910DisableParallelAandAAAA
as described here andDisableSmartNameResolution
as described here. Reboot after each change. It seems like VPN problems in Windows 10 have driven many people back to Windows 7/8, so you should be thankful that your problem is only a 10 seconds lag.I might actually switch back to 7 myself. – Recognizer – 2015-09-04T19:38:19.767
If you have upgraded from 7 to 10 and not deleted the folder
Windows.old
, then going back is easy. – harrymc – 2015-09-04T21:31:24.367It sounds like your VPN connection is appending the VPN DNS servers to the end of the list and leaving the non-VPN DNS at the top. Then the resolver is having to timeout on the non-DNS servers before it gets to the reachable VPN DNS. You can confirm this with IPCONFIG /ALL, comparing while disconnected and connected to the VPN. If this is in fact the case, you should be able to do some clever Powershell'ing or netsh'ing to workaround this (sorry, neither of those is my area of expertise so I can't propose examples) – Brandon Xavier – 2015-09-06T13:35:57.923
@BrandonXavier: Not for Windows 10, where the resolver was rewritten to issue DNS queries to all adapters in parallel, then take the first answer to arrive. Probably that rewrite introduced some new bug that the poster is encountering. – harrymc – 2015-09-06T17:57:38.077
Thanks harrymc. That's interesting and good to know. Also, just did a packet capture on my Windows 10 box, it seems nslookup doesn't use the SNR - test queries only produced single queries, while things using the resolver libraries (this browser, ping, etc.) produced parallel queries. Wonder if disabling SNR reverts it back to the classic sequential behavior? – Brandon Xavier – 2015-09-06T19:26:42.327
@BrandonXavier: My second comment above shows theoretically how to return the behavior as much as possible to that of previous Windows versions, but I don't know if the poster tried them. If you are tracing it, you might try these and comment upon them - I'm interested too. – harrymc – 2015-09-06T20:06:31.623
I have similar issues. Even after disconnecting from the VPN performance is bad until a reboot. I've got additional bugs like being unable to access IPv4 or IPv6 properties for any network adapters. This is on a fresh Win10 install. – Chris Herring – 2015-09-06T23:10:35.617
@ChrisHerring: Apparently the Properties-handling code went missing in Win10. I don't think that version 10 was really ready for release. – harrymc – 2015-09-07T05:40:22.420
@Recognizer: Comments were made, and it's time for you to indicate whether any of them should be expanded into an answer that is acceptable to you. IMO your choices are really (1) downgrade to Win7 or (2) waiting on Microsoft for a fix. – harrymc – 2015-09-07T06:58:06.713
I'll downgrade. Who knows how long it will be before Microsoft fixed the issue. – Recognizer – 2015-09-07T10:35:36.723
The procedure for the downgrade is detailed in my answer. – harrymc – 2015-09-07T17:56:52.237
Looks like this issue has been resolved at least as of Windows 10 build 10565. I have since returned back to Windows 10 and can confirm that I no longer get this issue. – Recognizer – 2015-11-23T19:12:12.677
Not sure if anyone mentioned this but we found setting the Automatic metric to a lower priority to help with DNS issue. Once we set the network connection for our VPN connection to 1, we could get all our resources. Our issue now is, the NIC is taking forever to connect and only when navigation to the Network interface does it finally connect. – Stacy Drakeford – 2018-06-25T12:02:23.113