Solved

Disk access to SBS 2003 Extremely Slow

Posted on 2009-04-14
8
945 Views
Last Modified: 2012-05-06
Hello all:

   I manage a server that has worked quite well for nearly three years.  In just the past few days, it has slowed way down.  I notice this mainly from the server console.  If I try to browse the contents of the folders, it seems to take forever.  When opening applications - for example, event viewer, Start, Admin Tools open quickly.  Event Viewer itself is slow.  Getting the details for an event is very slow.  The same is true for opening management utilites.  Task Manager shows almost no CPU activity.  System Idle is usually in the 90% + range.  But the hard drives seem to be working pretty hard.  Configuration is a 7 x 250GB SATA drives in a RAID5 with one hot spare.  All configured as Drive C.  One other hot-swap drive is available for backup as drive E:  There is a lot of room available still on drive C: (like 650 GB).  I checked the 3Ware controller utility and everything seems to be in the green.  I am getting a lot NDR messages being sent out from the server.  I disabled SMTP for a while and that seemed to help, but not solve the problem.  So I enabled it again.  Does anyone have any ideas what I can check next??

Oh, and I in the middle of upgrading our Trend Micro SMB Messaging from 3.6 to Worry Free Bus. Security Advanced.  Backup is BackupExec 10d.
0
Comment
Question by:jhuntii
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24143813
Rather than cut and paste of a MS KB article you should have stated the source.
http://support.microsoft.com/kb/886208

Post above flagged to moderators for removal.

Simon.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24146986
RAID 5 is slow anyway. If you have seven drives what you should have done was created two arrays, one for the OS and applications (mirror of two drives) and the rest for data.

Run the SBS best practises tool on the server, see if that flags anything of interest.
If the server is being abused then it would show in the queues in ESM.

Simon.
0
 

Author Comment

by:jhuntii
ID: 24151613
There are those who would argue that RAID5 is fast, not slow... :)  However, I love RAID1 myself and if I had it to do over I would set this up differently.  Anyway, the speed has been acceptable for the past couple of years.  Only in in the past few days it has become nearly unuseable.  I'll run the best practices tool (if I can get it downloaded and installed - it may take a day or two just for that!).  I'm also checking NDR settings/possible attack.
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 65

Expert Comment

by:Mestha
ID: 24156761
For hosting the OS, RAID 5 is slow. RAID 5 has its place, but by setting up everything on a single RAID 5 array you have crippled the system.

Exchange is a high transactional database, which needs to write to two two locations at the same time. Take in to account the fact that you have everything on the same array, plus the speed hit of RAID 5, and you have a system that is being held back by its storage configuration.

Throw in the additional overhead of SBS, and it is combination that will have performance issues.

Simon.
0
 

Author Comment

by:jhuntii
ID: 24395813
It turns out that we found thousands of messages in the queue - most from postmaster.  In researching this it appears we have been under an NDR attack.  I have set up the recipient filtering and tarpitting and cleaned out the messages.  That allows the server to speed up - for about a week, then the queues fill up and the server slows down again.  Should I turn off NDR responses for a while?  Also, this server has started to send out mass mailings - could this have had an effect on the queues filling up?  (No, the messages in the queues are not to those we send to.)
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24396325
If you have set recipient filter and then restarted the SMTP server that should have put a stop to the NDR attacks. That is the point.
Exchange is a very poor bulk emailing tool, and I would suggest finding another product to send those messages, or better still, outsource it.

Simon.
0
 

Author Comment

by:jhuntii
ID: 24398601
OK, I'll suggest that and see if that stops the  NDR messages.  Thanks.
0
 

Author Closing Comment

by:jhuntii
ID: 31570055
Thanks, Mestha.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1. Boot PC and press F10, select storage options and change the compatibility from “AHCI” to “IDE”, save and exit 2. Boot PC and press F12 3. Upon PXE display of searching for DHCP server, press Pause break to obtain MAC address 3. Open Configu…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question