0

We're in a small satellite office connected to our HQ over a VPN connection. The connection itself is not bad, ping times are around 100 ms, remote access, telnet and FTP speeds are fine.

However, connecting to HQ's Windows servers from our Windows clients is absolutely horrible. Generally, I do this via 'My Computer', using \server, possibly followed by path. Displaying a 10-item directory can require upwards of 2 minutes of hourglass watching.

If I 'net use' the server, directory listings are much faster, so it seems to be a 'My Computer' problem.

I'm using Windows XP 64-bit, but all 10 machines at this site (Vista, Win7, etc) all exhibit this problem to one extent or another.

Unfortunately, I cannot at this time tell you much about the network topology at our HQ site, but I can ask if anyone has any specific questions.

Marc Bernier
  • 131
  • 5
  • See: [Accessing samba shares over the internet](http://serverfault.com/questions/105241/accessing-samba-shares-over-the-internet) – Zoredache Jun 29 '10 at 16:18

3 Answers3

1

100ms ping times are not great ping times as far as I'm concerned. SMB\RPC communications have always lagged via VPN connections in my experience. SMB\RPC communication requires more resources than FTP, HTTP, SMTP, etc. and in addition the VPN traffic has to be encrypted\decrypted so IMHO you're probably not going to be able to do anything to make it any better.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • Do you know if 'net use' uses SMB/RPC? Command-line dir's through net use are not bad. Is there a way to temporarily turn it off to confirm this? – Marc Bernier Jun 29 '10 at 13:30
  • Net use does use the same type of SMB\RPC communication but you're connecting directly to the resource instead of browsing for it, so it tends to perform better. Browsing the network requires the workstation service to enumerate the network browse list which causes the performance lag. – joeqwerty Jun 29 '10 at 13:48
  • Is navigating up and down the directory tree considered browsing? It is not just the initial connection to the server, but every movement on the server's directory tree. – Marc Bernier Jun 29 '10 at 18:44
  • Are you doing the navigating of the directory tree from the Network? If so then yes, I believe the same performance issues would affect that as each machines server service has to "publish" it's list of shares to the browse master(s) which maintain the browse list and then your workstation service has to enumerate all of those shares. A whole lot of things come in to play when browsing the network: SMB\RPC, name resolution, browse lists, etc. Again, mapping a drive to a share on the server and then navigating the directories on the mapped drive will probably give you the best results. – joeqwerty Jun 29 '10 at 19:40
0

SMB resource isn't really that much as much as the fact that the protocol requires acknowledgements of almost everything. Over a high latency link this means you are frequently waiting for the other side to say 'OK'.

If you really want to improve things you should consider upgrading to Windows Vista/7 and Windows 2008/2008r2.

See this question about SMB performance for some things you can do in the interim.

Community
  • 1
Zoredache
  • 128,755
  • 40
  • 271
  • 413
0

Try testing these registry settings on one of the clients: 

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\CryptoSignMenu]
"SuppressionPolicy"=dword:00100000

[HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{3EA48300-8CF6-101B-84FB-666CCB9BCD32}]
"SuppressionPolicy"=dword:00100000

[HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-080036B11A03}]
"SuppressionPolicy"=dword:00100000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SCAPI]
"Flags"=dword:00100c02

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoRemoteRecursiveEvents"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoRemoteChangeNotify"=dword:00000001


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"NoNetCrawling"=dword:00000001

You may also want to reduce the MTU of the LAN adapter on the client, typically 1400 or less. That setting is located in the registry at:

Key: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces{LAN adapter guid}
Value: MTU (Dword) 1400 (decimal)

Greg Askew
  • 34,339
  • 3
  • 52
  • 81