Solved

2008r2 file server stops accepting connections

Posted on 2014-09-15
18
643 Views
Last Modified: 2014-11-01
Hi Guys

I need some assistance with a 2008r2 file server that becomes inaccessible periodically throughout the day.
some background on the issue...........

I have a standalone 2008r2 file server. server seems to run fine for a period of time and then suddenly stops accepting connections. this occurs randomly throughout the day. the only way to fix the problem is to restart the server.

one of the things I've noticed is that shares are inaccessible over the network but if I open the share from the server itself via the same UNC path, it works.

DNS checks out fine, network connectivity is fine, error logs do not give any info on the problem.
when checking sessions on the server, I noticed during one outage yesterday that the server had 1024 open files when it stopped working. the specificity of that number led me to believe that it was a limit of some sort, which led me to this article (http://support.microsoft.com/kb/324446/en-us)
the registry entries in the article were applied, issue still persists.
when checking the open file count during todays outage, it was sitting at 479 open files so I'm not sure about the limit being the cause.
Server patch level is up to date as of 3 weeks ago, this also includes all hotfixes from article (http://support.microsoft.com/kb/2473205/en-us) which is specific to file servers.
Server is running symantec antivirus (v12.1.1). I plan on stopping AV on the server for a while to test if this is the cause.

Any assistance with this issue will be greatly appreciated.

Regards
Brad
0
Comment
Question by:ablsysadmin
  • 14
  • 2
  • 2
18 Comments
 
LVL 21

Expert Comment

by:RK
ID: 40324821
Hi,

Is there any backup running at the time of issue?  if so, try to change the backup schedule and see it makes any difference. Yes, Antivirus (especially SEP) cause this type of issues.  

Also, try disabling SMB2 on the server

HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters
Add a new REG_DWORD key with the name of Smb2.
Value name     Smb2
Value type     REG_DWORD
0 =     disabled
1 =     enabled
Set the value to 0 to disable SMB2, or set it to 1 to re-enable SMB2.
0
 

Author Comment

by:ablsysadmin
ID: 40324849
Hi Raj

thanks for getting back to me.
there are no backups running at the time of the outages.

if I disable SMB2, will the server default to SMB1 ? and if so, what happens to the active SMB2 sessions ?
0
 

Author Comment

by:ablsysadmin
ID: 40324851
0
 
LVL 21

Expert Comment

by:RK
ID: 40324876
Hi,

As a backwards compatibility, yes, its revert to SMB1. You can have a look at this article and  get a fully understanding about SMB http://www.petri.com/how-to-disable-smb-2-on-windows-vista-or-server-2008.htm

Hope this helps
0
 

Author Comment

by:ablsysadmin
ID: 40324887
Thanks for the article, explains it nicely.
I'm waiting for the server to crash again before I make any more changes (murphy's law, its gonna run fine now)
0
 
LVL 88

Expert Comment

by:rindi
ID: 40324999
It could also be caused by licensing issues. Maybe you have exceeded the CALS by the number you you own when it happens.
0
 

Author Comment

by:ablsysadmin
ID: 40325078
server just crashed. I upgraded my symantec to version 12.1.3 as per recommendation from the vendor, will wait and see if there is any improvement.

this licensing issue you mention, how do I check if its a licensing issue ? I'm not aware of any licensing for a file server.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40325206
You need CALs for the users connecting to a server. As far as I know the 2008 r2 server standard comes with 5 such CALs. If more users try connecting they won't be able to. If you need more CALs you have to buys those.

The licensing overview from the link below should give you some idea. CALs are explained on page 18:

http://www.microsoft.com/en-us/download/details.aspx?id=18795
0
 

Author Comment

by:ablsysadmin
ID: 40325312
i am running Microsoft network monitor 3.4. I will send the log asap. The server died now again
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:ablsysadmin
ID: 40325386
ok, no luck. server is dead. had to reset.
0
 

Author Comment

by:ablsysadmin
ID: 40327435
ok, here we go. the network capture
File-server-network-capture.xlsx
0
 

Author Comment

by:ablsysadmin
ID: 40327436
please review and advise asap
0
 

Author Comment

by:ablsysadmin
ID: 40327789
just an update, so far the below has been implemented

1. configured tcp stack settings as per below

        Receive-Side Scaling State          : disabled
        Chimney Offload State               : disabled
        NetDMA State                               : enabled
        Direct Cache Acess (DCA)            : disabled
        Receive Window Auto-Tuning Level    : normal
        Add-On Congestion Control Provider  : ctcp
        ECN Capability                              : disabled
        RFC 1323 Timestamps                 : disabled
2. applied hotfixes/patches/regEntries from the below articles
        http://support.microsoft.com/kb/2582112/en-us
        http://support.microsoft.com/kb/324446/en-us
        http://support.microsoft.com/kb/2473205/en-us
3. disabled SMB2 as per http://support.microsoft.com/kb/2696547/en-gb
        this caused more problems. lots of clients could no longer connect. reg entries were removed again.
4. call has been logged with microsoft (they say symantec should be disabled)
5. call logged with symantec (waiting for callback) due to the below article
         http://www.symantec.com/connect/forums/network-shares-stop-responding-randomly-windows-server-2008-r2
6. network monitor trace run leading up to the time of an outage, nothing in    the logs that indicate where the problem is.
7. symantec AV was upgraded from v12.1.1 to v12.1.3.

Issue still persists.
0
 

Author Comment

by:ablsysadmin
ID: 40329990
latest update, symantec has been has been disabled.
will now wait and see if it resolves the issue
0
 

Author Comment

by:ablsysadmin
ID: 40332012
latest update,

After Symantec was disabled, the server did not fail from yesterday morning until now (about 19 hours running time)
Due to the risk of not having AV on the server being so high, I’ve now uninstalled v12.1.3 and installed v11.0.6.
Will monitor throughout the day.
0
 

Author Comment

by:ablsysadmin
ID: 40343731
Update........

v11.0.6 ran successfully for about 4 days without incident.
symantec came back stating that 12.1.5 was just released and it should resolve the problem.
upgrade to v12.1.5 was done but the issue reappeared after 1 day.
I have now downgraded symantec back to v 11.0.6.

awaiting further feedback from symantec.
0
 

Accepted Solution

by:
ablsysadmin earned 0 total points
ID: 40407816
Latest update .......

server is still running symantec v11.0.6 without issue for the last 1 month.
The call logged with symantec as been closed as they could not replicate the issue in their labs and I could not allow them to test on my prod server so the issue remains unresolved.
downgrading to v11 is the accepted solution for me. I will attempt an upgrade once symantec releases a new version.
0
 

Author Closing Comment

by:ablsysadmin
ID: 40416970
the provided solution worked for me
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now