First time here? Check out the FAQ!

Ask Your Question
0

SMB2 copy issue and SRT
 
  
 
 
     
 
 
 
 
 
 
 
    
        
        asked Feb 27 '3  
 
 AL gravatar image  
 
 
 
 
    
        
        updated Feb 27 '3  
 
 
 
 
 
I am having an issue, copying a single large file (2GB) from a Server 2016 to a Windows 10 client. Both client and server on same network and subnet
 
2 laptops (different models), on one of the laptops copy takes about 5 mins as expected. One another laptop copy takes about 30 mins and in Windwos copy GUi I can see the transfer rate drop to 0 bytes per second and then increase
 
I  took wireshark trace from both laptops and I am suspecting issue with the SMB2.
 
I did a SMB2 SRT analysis on the 2 laptops and on the laptop with slow copy the READ SRT sum value is very high, compared to the same read on the laptop with the good copy
 
Am I correct in thinking the issue is related to SMB on the client side
 
Preview: (hide)
 
 
 
 
          
 
Comments
It is propably a combination of factors. But a client which downgrades a connection type will have a dramatic adverse effect on the performance.
But without actually looking at the packet capture it is very hard to tell. But in your case I would lok at the details at the start of the session. Nuances in the negotiation may decrease effentiency a lot.
hugo.vanderkooij gravatar imagehugo.vanderkooij (
    
        Feb 27 '3
    )
I did further testing can confirm issue is with SMB2
I copied same file from same server to same client using FTP and 2 Gb file took 7 minutes to copy
Same copy using SMB2 takes 30 mins.
AL gravatar imageAL (
    
        Mar 7 '3
    )
I agree, I'd love to see the PCAPs for these transfers so that we could see exactly what is going on.
I would like to say that you have to be careful interpreting Wireshark's SRT values for SMB.
In a long time ago Ask Wireshark question:
https://osqa-ask.wireshark.org/questi...
there were very high SRT values - but they weren't a problem with the server at all.  They were an artifact of the way that the SMB client made its READ requests.  The client issued large bursts of READs all at once, sometimes more than 120 in one go. These were all done within a single TCP connection - meaning that they had to be serviced sequentially.
Imagine 100 READ requests all arrive at the server at once. The 100th will have to spend time in a server queue, waiting for the data in READ-1 through READ-99 to ...(more)
Philst gravatar imagePhilst (
    
        Apr 13 '3
    )
add a comment
 
 
 
 
 
 1 Answer
    
 
 
                    Sort by »
                     oldest newest most voted 
 
 
 
 
 
  
 
 
 
 
0
 
 
  
 
 
 
 
 
 
 
 
    
        
        answered Feb 27 '3  
 
 Eddi gravatar image  
 
 
 
 
 
Just a few ideas:
 
     
  • Is the disk full or very fragmented (note that fragmentation is less of an issue with SSDs)
    •  
  • Please check your System Event Log for Hardware Errors, especially Disk Errors
    •  
  • Another Event Log worth taking a look at is the WHEA Event Log
    •  
  • Do you have multiple anti-malware products installed? If so, try to go back to one or set an exclustion
    •  
  • Are your anti-malware products up to date?
    •  
 
And, of course, can you share the trace file, so that we might identify if the problem lies on the sender or on the receiver side.
 
Good luck!
 
Preview: (hide)
 
 
 
 
         
        link
        
 
Comments
The weird thing is the laptop with the copy issue is a new laptop latest i5 CPU and SSD hard disk where as the laptop with no issue is an old laptop i5 gen 3 CPU with a non SSD hard drive, so I doubt issue would be with the specification of the laptop
The laptop with no issue is running Microsoft built in AV where as the other laptop is running Sophos. I even disabled Sophos and this didnt resolve the issue.
I will upload both capture files
AL gravatar imageAL (
    
        Feb 28 '3
    )
add a comment
 
 
 
 
  
 
 
 
 

    
        Your Answer
    

 
 Please start posting anonymously - your entry will be published after you log in or create a new account.

    

 
 
Add Answer
 
 
 
 
 
 
 
 
   
  
 
   
 
 
 
 
 
 
 
 
Question Tools
  
 

        
        
            1 follower
        
    
 
 
 subscribe to rss feed 
 
 
 
 
 
 
Stats
 

        Asked:  Feb 27 '3  
 
 
        Seen: 418 times 
 

        Last updated: Mar 07 '23