Single SMB Server Issue...
-
Hi all,
I could really use some help here. I'm in the middle of a deployment and every road I go down is blocked with some sort of problem.
Here's my current issue:
I've configured a OVPN tun VPN which works. EXCEPT for one windows file server. This server is configured the same as all the other servers on the network.
The problem is that it is either horrendously slow, or connections to it freeze the file explorer requiring a login/out to reset it.
Locally the server is fast and behaving normally. And 16 other servers are working fine.
Has anyone seen this behavior before? I'm at a loss after combing through the configuration of the server for about 3 hours.
-
@cozzicon well generally speaking smb across a wan or vpn connection is never going to be a speedy thing. SMB not really a protocol for large BDP (higher latency)..
But your ok with the other servers speeds, and they all sit in the same place, on the same network segment? Is it possible this server is using say jumbo frames while the other servers are not? That could prob compound the issues of going across a vpn or wan type connection. Which might not be an issue if local to the servers network.
-
@johnpoz Nope.. jumbo frames are disabled.
-
@cozzicon and this server on the same network as the other servers that your ok with their performance, and pointing to the same gateway as the other servers?
That is very odd for sure if all of that is true.
If was me, I would prob take a network sniff on pfsense (packet capture under diagnostics) take a look at what traffic looks like to and from good server. And then do a sniff with the other servers IP and see what is different? Lots of retrans? Much smaller window size being used? etc..
This might give us some clue to what the cause of the difference in performance is.
-
@johnpoz Yup all of that is true.
Additionally the server is on the same hyper-v machine that all the other servers are on. So it's not a real world networking problem at all. All the Vms are on the same 10Gb virtual switch.
The only odd thing about this particular server is that it has a 6TB volume on it.
Also, this was not a problem with another firewall system that also used openvpn.
I switched to pfsense because the ipsec support is somehow better- this was trying to resolve an issue with a customer we need to connect to.
Now I can't get to testing the ipsec link until I resolve this. I've got a $10,000 Checkpoint sitting here which I want to return.
