Solved

Disk access to SBS 2003 Extremely Slow

Posted on 2009-04-14
8
942 Views
Last Modified: 2012-05-06
Hello all:

   I manage a server that has worked quite well for nearly three years.  In just the past few days, it has slowed way down.  I notice this mainly from the server console.  If I try to browse the contents of the folders, it seems to take forever.  When opening applications - for example, event viewer, Start, Admin Tools open quickly.  Event Viewer itself is slow.  Getting the details for an event is very slow.  The same is true for opening management utilites.  Task Manager shows almost no CPU activity.  System Idle is usually in the 90% + range.  But the hard drives seem to be working pretty hard.  Configuration is a 7 x 250GB SATA drives in a RAID5 with one hot spare.  All configured as Drive C.  One other hot-swap drive is available for backup as drive E:  There is a lot of room available still on drive C: (like 650 GB).  I checked the 3Ware controller utility and everything seems to be in the green.  I am getting a lot NDR messages being sent out from the server.  I disabled SMTP for a while and that seemed to help, but not solve the problem.  So I enabled it again.  Does anyone have any ideas what I can check next??

Oh, and I in the middle of upgrading our Trend Micro SMB Messaging from 3.6 to Worry Free Bus. Security Advanced.  Backup is BackupExec 10d.
0
Comment
Question by:jhuntii
  • 4
  • 4
8 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24143813
Rather than cut and paste of a MS KB article you should have stated the source.
http://support.microsoft.com/kb/886208

Post above flagged to moderators for removal.

Simon.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24146986
RAID 5 is slow anyway. If you have seven drives what you should have done was created two arrays, one for the OS and applications (mirror of two drives) and the rest for data.

Run the SBS best practises tool on the server, see if that flags anything of interest.
If the server is being abused then it would show in the queues in ESM.

Simon.
0
 

Author Comment

by:jhuntii
ID: 24151613
There are those who would argue that RAID5 is fast, not slow... :)  However, I love RAID1 myself and if I had it to do over I would set this up differently.  Anyway, the speed has been acceptable for the past couple of years.  Only in in the past few days it has become nearly unuseable.  I'll run the best practices tool (if I can get it downloaded and installed - it may take a day or two just for that!).  I'm also checking NDR settings/possible attack.
0
 
LVL 65

Expert Comment

by:Mestha
ID: 24156761
For hosting the OS, RAID 5 is slow. RAID 5 has its place, but by setting up everything on a single RAID 5 array you have crippled the system.

Exchange is a high transactional database, which needs to write to two two locations at the same time. Take in to account the fact that you have everything on the same array, plus the speed hit of RAID 5, and you have a system that is being held back by its storage configuration.

Throw in the additional overhead of SBS, and it is combination that will have performance issues.

Simon.
0
[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

 

Author Comment

by:jhuntii
ID: 24395813
It turns out that we found thousands of messages in the queue - most from postmaster.  In researching this it appears we have been under an NDR attack.  I have set up the recipient filtering and tarpitting and cleaned out the messages.  That allows the server to speed up - for about a week, then the queues fill up and the server slows down again.  Should I turn off NDR responses for a while?  Also, this server has started to send out mass mailings - could this have had an effect on the queues filling up?  (No, the messages in the queues are not to those we send to.)
0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
ID: 24396325
If you have set recipient filter and then restarted the SMTP server that should have put a stop to the NDR attacks. That is the point.
Exchange is a very poor bulk emailing tool, and I would suggest finding another product to send those messages, or better still, outsource it.

Simon.
0
 

Author Comment

by:jhuntii
ID: 24398601
OK, I'll suggest that and see if that stops the  NDR messages.  Thanks.
0
 

Author Closing Comment

by:jhuntii
ID: 31570055
Thanks, Mestha.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is my 3rd article on SCCM in recent weeks, the 1st (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html) dealing with installat…
Know what services you can and cannot, should and should not combine on your server.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now