Windows File Copying using ASA is very slow

Unanswered Question
Sep 15th, 2010

Hi All,

I am facing a strange issue.

We have a backup server , to which all application servers ,webservers and db servers copy the files . Before implementing the application (NAS) , we wanted to test the file transfer rate , so we tried normal windows copying "\\serverip " ( which uses port 445).

When i transfered files placing both NAS device and server in the same zone , speed is up to 120Mb/sec. But when i keep NAS device in one zone and copy files from another zone speed is getting drastically down to 10Mb/sec.

I have already opened a TAC case but they were not able to help me out much. But couple of times we have bypassed firewall and tested with putting servers and NAS in same vlan and tested there is no issue with the transfer speed.

Following has already been tested

1) disable NETBIOS inspection on ASA

2) tcp-map , bypassed flags ,cleared windows scale on both ASA and server and client .

Anyother suggestion.

With regards,

ParveesM

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Wed, 09/15/2010 - 07:23

In the past these things have resolved the issue for me.

1. The problem is that Windows will not allow multiple smb connections on port 445.

Subsequent connections will cause the existing connection to be reset. 

This behavior is described by Microsoft Article KB301673.

http://support.microsoft.com/kb/301673

Two solutions:
a) Modify the registry on the server per KB301673 to use only port 139 and reboot the
server.
b) Block port 445 by ACL on the Pix so that it will be forced to default back to 139.

2. The issue was a conflict between the windows scalable networking pack that
was introduced in service pack 2 for windows2003 and the Broadcom netxtreme II adapter.
Disabling the tcp chimney feature that this new service pack introduced solved the issue.

Turn off TCP Chimney by using the Netsh.exe tool by following these steps:

a. Click Start, click Run, type cmd, and then click OK.

b. At the command prompt, type "Netsh int ip set chimney DISABLED" and then
press ENTER.

If you want to read further information about this issue, you can consult
the following link from Microsoft Technet:

http://support.microsoft.com/?kbid=912222

3. This is something that I heard very recently: Seems like this is enabled by default on win2008 hosts and it helps with large window size where by a huge amount of data can be sent
before the expect to hear an ACK back from the host that is receiving the data. Disabling CTCP with the below
command gives better results. "netsh interface tcp set global congestionprovider=none" to disable C-TCP on the servers.


More information take a look at http://technet.microsoft.com/en-us/library/bb726965.aspx

Give these a shot and let me know if on of these resolve the issue.

-KS

Actions

This Discussion