Slow SMB/CIFS to/from Win2008R2 Server

Question

Dell R710 w/ Intel 82576 gigabit NIC (latest Intel drivers). I'm setting up a new Windows Server 2008 R2 SP1 & so far I've installed updates & configured the File Services & Web Server (IIS) roles. Windows Advanced Firewall is on (by default), and configuring the roles seemed to activate some rules to allow the web server ports & file sharing.

Problem: I can connect to a test file share fine, but copying large files is abysmally slow. I'm getting ~10MB/s copying to/from a Windows 7 client. The same client can easily get 80-90MB/s to a different file server (so it's not the client). If I disable the firewall, I get full gigabit speeds. If I enable it, it drops down to 10MB/s. I'm using the default firewall settings that are configured when enabling the File Sharing role. Obviously I need to enable others, but which ones?

After further investigation, it seems to be one (or all) of the "Network Discovery" inbound/outbound rules. I noticed Windows enabled these rules on the "Private" profile, but not the "Domain" profile. If I enable them all for the "Domain" profile, the problem goes away. I don't like blindly enabling rules.

I take the above comment back. Enabling "Network Discovery" rules seemed to work briefly, but now it stopped.

Well, this is turning out to be a network problem. Just happened to rear it's ugly head around the same time I brought this server online. I don't think the extra firewall rules I mentioned here are required at all.

you say win7 client can get 80-90mB/s from another server, is the other server w2k8r2 with or without firewall? — tony roth, Mar 12 '12 at 22:49
The other server is a Ubuntu server. I only mentioned it to rule out the client. — churnd, Mar 12 '12 at 22:52

score 2 · Answer 1 · answered Mar 13 '12 at 05:44

2

So I assume you're in an AD Domain, so make sure your client and server show they are using their domain firewall profile. AD Domain firewall profile

Windows determines it's on a domain by the DNS suffix of it's connection (ipconfig/all "primary dns suffix").

On a new 2008 R2 server I use as a file server, I have file sharing, web server, and DFS enabled, and here's my default inbound rules for comparison. I've never known the firewall to affect SMB speed, but still work a check. Server 2008 R2 file server firewall rules .

Other things I've seen are a bad network cable (on your server) that drops your connection to 100MB, so I would test speed between server and Ubuntu to validate (and check status page of NIC in windows to see connect speed). Also, why not use the mobo Broadcom NIC's? They'll give you 1GB throughput all the same.

answered Mar 13 '12 at 05:44

Bret Fisher

3,973
2
21
25

Yes, I'm on an AD domain. Client firewall is not on & is on the same domain. I'll get a screenshot of the firewall rules & post. Do outbound rules affect things too? I don't think it's a bad cable because I also tested NFS on this server last night & consistently got 60-70MB/s. I'm using the Intel NIC because of better teaming support which I will be using once this issue gets sorted out. – churnd Mar 13 '12 at 10:43
Be default Windows outbound rules are not enabled. Also I would disable any AV on client and server just to rule those out. – Bret Fisher Mar 13 '12 at 14:45

Slow SMB/CIFS to/from Win2008R2 Server

1 Answers1