How to improve network perfomance of VMWARE server running on Windows 2003 Enterprise?

Posted on 2008-11-04
Medium Priority
Last Modified: 2009-06-25
Running VMWARE server 1.7 on windows 2003 Enterprise R2 HOST.
(Dell PE 2900 with two nics, I have disabled teaming since I thought it might be the problem, no change)

File transfer speed to/from host (win 2003 ent R2) works fine.
File transfer speed to/from Guest-VMs (win 2003 and win XP) are very slow.
When I ping large packets to the guests-VMs, packets are getting dropped.
Tested rest of network works great (also note test to host works fine)

The nics are the stand Broadcoms that come with the poweredge 2900.

Any networks tweaks would be appreciated.
I get the feeling this is due to some sort of anti-DOS (Denial of Service) feature that is in Enterprise R2, I do not have this problems with Standard R2.

Add to the info I temporarily enabled TS (terminal service) on HOST (yeah I know not a good idea), and if from a guest-VM I try to TS to the host the server hangs for about 2 minutes...

Again this looks like misbehaving anti-DOS to me.

Any idea?
Question by:rmyers1968
  • 3
  • 3
  • 3
  • +1
LVL 29

Accepted Solution

Michael Pfister earned 1000 total points
ID: 22884192
1. Get the latest drivers for your Broadcoms (either Dell or Broadcom, whatever is newer) and install them

2. Turn of TCP Chimney and check if it improves performance (http://support.microsoft.com/kb/945977/en-us)
LVL 29

Expert Comment

by:Michael Pfister
ID: 22884194
3. Get an Intel server NIC.
LVL 24

Expert Comment

by:Luciano Patrão
ID: 22884358

First try to use one NIC to the VMware itself(and host machine)
Second, try to use the other NIC to the VMs

Do not forget to install VM tools, in all VMs, and update all your drivers

Make that changes, and test

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

LVL 57

Expert Comment

ID: 22884987
What do you mean by "ping large packets"?  Do you mean you specify a length on the ping command that is big, like say ping x.x.x.x -l 4096?

When you are pinging where are you pinging from?  A computer on the network or the host OS? If from a computer on the network, what happens if you ping from the host OS.

What services are you running on the host OS?

What are the hardware specs on the host server?

How many active guests do you have?

Are you running the VM machines in bridged mode or routed?

Author Comment

ID: 22896923
First off thanks for the responses.

I had read that article and have updated and disabled chimney and nothing changed. I do agree I never had this problem with servers running Intel Nics just these broadcoms, and I see lots of rants on broadcom NICs.

I have tried on NIC only and did not see any changes... VM tools are installed and latest drivers to host are installed too...

What I mean is from a workstation on the NET, if I "ping x.x.x.x -l 15000 -t" where x.x.x.x is the vm-guest IP I drop packets. But if I ping the vm-host with the same size packets no problem.

Host server is running VMWARE (installed IIS for the VM) and temporarily terminal services but the problem was there before term services...

Server is a a beast PE2900 RAID6 (striped/mirrored) SAS drives, 2x  Intel quad core processors and dual Broadcom NIC. Running Windows 2003 RD 32-bit Enterprise with 8GB of RAM and 1TB of storage.

Active guests = 2.

Running in bridged mode

I found articles on LSO (large send offload). I set IPv4 Large Send Offload to disable and it has greatly improved server performance... I read up on this and I don't really understand why... But generally, changing this setting may mask a greater problem...

Any ideas?
LVL 57

Assisted Solution

giltjr earned 1000 total points
ID: 22897268
If you really ping'ed with a length of 15,000 bytes (-l 15000) I would not be suprised that you saw packet loss going to a virtual machine.  This is a big payload.  Is there a special reason you are using 15,000 bytes?

LSO:  Some of this you may know, but Ethernet has a framesize of 1518, with 18 bytes of overhead, so the large payload can be 1500 bytes.  IP has a header of 20 bytes and TCP has a header of 20 bytes, this means the largest payload per packet for TCP is 1460.  If TCP needs to send say 20,000 bytes, then TCP breaks the 20,000 bytes down into multiple packets of 1460 for as many packets as it takes to get 20,000 through.  This is overhead for the OS.  What LSO does it it allows TCP to send larger packets, up to about 65K, and the NIC segments the TCP packet into multiple ethernet frames of 1500 bytes each.  This moves the overhead from the OS and your computer's CPU to the NIC.  Now, if you had LSO enabled on the virtual NIC of the virtual machine, then this would be handled by the host OS and cause overhead on it.

What is the normal CPU utilization on the host OS?

How much RAM does each virtual machine think it has?

Author Comment

ID: 22905960
Thanks for the info. No reason for that particular size... I always though that ICMP could go to nearly 64K (including header) so I figured that 15000 was less that 25% from a "ping of death" and would demonstrate response time and speed of a good size traffic...

I did not enable LSO on the Guests just the host...  Good explanation of the LSO though thanks.

Normal CPU utilization of HOST is about 1% to 2% (really not much going on here...)

Windows 2003 Guest OS thinks it has 1GB
Windows XP Guest OS thinks it hat 256MB
LVL 57

Expert Comment

ID: 22912037
This person had a performance issue running under VMWare 1.0.6 and VMWare recommended that he upgrade to V 2.0.  Although your version of VMWare is newer than his, it may be work the try to get the latest version of VMWare installed.

Ref: http://www.experts-exchange.com/Software/VMWare/Q_23860070.html


Author Comment

ID: 22916519
Thanks I may try that but first I am going to try putting in a Intel 1000MT Dual nic and disable the broadcom card to see if it runs better.

Thanks again for all the help, will post results soon.
LVL 29

Expert Comment

by:Michael Pfister
ID: 24626501
angelllll, if rmyers1968 does not come back, please split points.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
In this article will go through how to backup a vPostgres DB from a broken vCenter Appliance and restore to a new vCenter Appliance.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question