2

access to our server via VPN is extremely slow using the Mac Finder. It will take 20-30 seconds just for the directory contents to be listed. File transfers are also excruciatingly slow.

The configuration:

Server: Asustor NAS AS6302T (ADM version: 3.5.2.RAG2) Router: Telekom Digitalisierungsbox Box Premium (firmware version 11.01.03.103) which is the evil twin of the bintec elmeg be.ip plus

Internet connection: Telekom DeutschlandLAN SIP trunk (100 MBit / s download, 40 MBit / s upload)

VPN connection via Digibox via IKEv1 using the following instructions: https: //archive.bintec-elmeg.com/Files/Weiter_Downloads/Documentation/workshops/current_de/ws_be_IP ...

VPN client: Several MacBook Pros with different OS (e.g. 10.15.7, 10.14.6) - Mac's own VPN client (Cisco IPSec IKEv1)

Client router: various routers, etc. Fritz boxes, Vodafone (Unity Media) boxes, mobile phone hot spots

If VPN is established, the connection to the NAS is established via SMB and is painfully slow. If I access the NAS via HTTP with an existing VPN, the connection is fast. Also when I access via FTP.

My guess is this is somehow related to the SMB connection. I had already read that SMB signing has a major impact on performance. However, the SMB connection in the LAN is fast.

Any ideas where to even look?

ThreadStarter
  • 21
  • 1
  • 3

1 Answers1

0

A couple of things to consider based on my experience with slightly older systems:

Depending on the age of the NAS, it may be defaulting to SMB version 1. This was usually done for backward compatibility a number of years ago. I believe SMB v3 is the default on Windows and Mac systems these days.

The Mac OS finder by default scans folder contents and .DS_Store files before displaying. On a network share with lots of items this can be painful. The scan can be disabled using something like below. Apple support item included.

[https://support.apple.com/en-au/HT208209][1]

defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool TRUE

In general, I rarely use SMB over VPN like because of the same behaviour you have observed. Once you have a VPN connection, it is better to connect to a remote server and access the NAS from it. Alternatively, use a different technology such as FTP or HTTP, as you mention, to get files on your local machine.

Dharman
  • 30,962
  • 25
  • 85
  • 135
Emanuel V
  • 143
  • 8
  • The NAS is fairly new (it was anounced in May 2017) and lets the user explicitly choose between SMB v1, v2 or v3. Obviously I chose SMB v3 - with a minimum fallback of SMB v1. If you know of a way to check which version is actually in use, please let me know! – ThreadStarter Nov 03 '20 at 12:35
  • I disabled the scan like detailed in the support item and a quick test shows success! Further testing is needed, but I think it will work fine. Thank you very much! PS: Please mark the answer as helpul! – ThreadStarter Nov 03 '20 at 13:34
  • One more thing: you wrote to connect to a remote server after establishing a VPN connection. Do you mean a remote software like AnyDesk or this there a built-in way without further software? – ThreadStarter Nov 03 '20 at 14:29
  • I think AnyDesk is more of a remote sharing application where you can connect and shadow a foreign session on a remote host. This is a typical scenario for support staff trying to observe and diagnose remote clients. I was thinking more along the lines of Microsoft or Citrix Terminal Services, or a dedicated on-premise host you have exclusive access to. I'm guessing you don't have that type of environment. – Emanuel V Nov 04 '20 at 12:38
  • No Microsoft or Citrix Terminal Services available. I guess we'll just have to live with the slow performance (which did improve noticeably thanks to your tip). – ThreadStarter Nov 06 '20 at 08:33