So, it turns out that the root cause of all of our problems that we were troubleshooting with the new content filtering software that was deployed. Somehow, it was instructed (or just decided) to install itself onto our two domain controllers, among others. This resulted in our DCs sending all traffic out to our content filter, which is a hosted service on the Internet, for perusal, before sending it back to the client. No wonder we had so many delays and disconnects.
This really was a comedy of errors, which included a faulty NIC in one of the servers, as well as a poorly-configured switch cascading setup. Throw the content filtering debacle into it, and we had a real mess.