Cisco WAAS 4.0.17 CIFS Optimization

Unanswered Question

We recently installed a Cisco WAAS for a customer consisting of a core 612-4GB, 512-2GB for edge, and a 512 for CM duties. We configured the 612 to export specific files on a netapp NAS to remote users at the edge. The WAN connection between core and edge is 6Mbps Metro LAN.


Acceleration works great on typical FTP/HTTP and even most of the CIFS traffic. However, there is one application that the customer is using the requires the application be located on a CIFS file share on the NetApp NAS. This is a homegrown app that calls about 50 .exe and .dll files on the local file share during startup as well as several SQL files. Its a client/server based application with a fat client installed on each users desktop.


We wan the cisco WAFS benchmark tool and examined the results. CIFS AO is definately working.


The application, however is still significantly slower to open at the edge site as compared to the central office site. 5secs locally and 30-35secs remote. Application response time inside the application is slow as well for certain queries.


We ran some packet captures on the client and examined the results. When using the SMB analysis commands inside of wireshark we can see that most of the CIFS transacation types are getting SRT in the neighborhood of <5-20msec. Their WAN is about 20-45msec, telling me that most of these transactions are getting responded to by the WAE.


Does the CIFS AO proxy on the WAE respond to the following transaction types locally?


SMB Trans

SMB Tran2

Query_File_Info

Other Query Types


Since the application is calling about 50 or so small files i was wondering if the SMB queries are being cached on the WAE or must make the round trip to the origin server and be subject to WAN delay. Comparing the results of the same test local to the server results in all transactions getting <1msec SRT so my feeling is anything over 20msec is probably not getting cached/responded by the WAE and is subject to WAN delay.


Is there a breakdown out there of what the WAE CIFS AO will and will not cache or respond to ?



Thanks


Mike Louis

CCIE 17082

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
metro-jsmith Thu, 08/21/2008 - 11:28
User Badges:

Mike, I'm no expert but you could try to preposition the application/files you're utilizing on the NAS. This is of course dependent on how often the file(s) change and need to be re-read. I had a similar situation and prepositioning the directory that I needed frequent access to improved cached performance by 10% - 15%.

ropethic Thu, 08/21/2008 - 11:57
User Badges:
  • Silver, 250 points or more

I would check to see if the client and server is using SMB signing. SMB signing in windows is used as a "man in the middle" prevention. The server may treat the WAE as a man in middle. WAAS 4.07 and above will auto detect smb signing and revert to layer 4 optimization (DRE,TFO and LZ).

It sounds to me CIFS AO is not being utilized. This may explain why wafs benchmark worked fine. It may very well be clients have smb signing on.


SMB signing is optional on WIN FS and required on domain controllers. I would turning off smb signing on file server or make it optional and turn off on clients.

To disable SMB signing:

How to turn the SMB Signing Requirement to Optional or Disabled


To disable SMB Signing or make it optional (negotiated), login to a domain controller and open the *"Domain Controller Security Policy"*MMC snap-in to modify the domain controller policy, or the *"Domain Security Policy"*to modify the domain members (clients and servers) policy, generally found under Start > Programs > Administrative Tools. From the left pane, expand to Security Settings > Local Policies > Security Options, and locate a policy called:


Microsoft network server: Digitally sign communications (always) - this setting, when enabled, will requireSMB Signing on both the server and client. To disable - Double-click this item, ensure that "Define this policy setting" is checked, and that the radio button next to "disabled" is selected.


Microsoft network server: Digitally sign communications (if client agrees) - this setting, when enabled, will make SMB Signing optional(negotiated) and will support older Windows clients and servers. You may leave this option enabled (default). To disable - double-click this item, ensure that "Define this policy setting" is checked, and that the radio button next to "disabled" is selected.


Microsoft network client: Digitally sign communications (always) - this setting, when enabled, will requireSMB Signing on both the server and client. To disable - Double-click this item, ensure that "Define this policy setting" is checked, and that the radio button next to "disabled" is selected.


Microsoft network client: Digitally sign communications (if client agrees) - this setting, when enabled, will make SMB Signing optional(negotiated) and will support older Windows clients and servers. You may leave this option enabled (default). To disable - double-click this item, ensure that "Define this policy setting" is checked, and that the radio button next to "disabled" is selected.

Then, reboot the server, or execute the command "gpupdate /force" from a command line window to refresh the policy settings


jkeeffe Fri, 08/22/2008 - 08:34
User Badges:

What Cisco WAFS benchmark tool are you using? Is this a separate tool, or is it embedded within the IOS or GUI somewhere?

Actions

This Discussion