?
Solved

2008r2 file server stops accepting connections

Posted on 2014-09-15
18
Medium Priority
?
987 Views
Last Modified: 2014-11-01
Hi Guys

I need some assistance with a 2008r2 file server that becomes inaccessible periodically throughout the day.
some background on the issue...........

I have a standalone 2008r2 file server. server seems to run fine for a period of time and then suddenly stops accepting connections. this occurs randomly throughout the day. the only way to fix the problem is to restart the server.

one of the things I've noticed is that shares are inaccessible over the network but if I open the share from the server itself via the same UNC path, it works.

DNS checks out fine, network connectivity is fine, error logs do not give any info on the problem.
when checking sessions on the server, I noticed during one outage yesterday that the server had 1024 open files when it stopped working. the specificity of that number led me to believe that it was a limit of some sort, which led me to this article (http://support.microsoft.com/kb/324446/en-us)
the registry entries in the article were applied, issue still persists.
when checking the open file count during todays outage, it was sitting at 479 open files so I'm not sure about the limit being the cause.
Server patch level is up to date as of 3 weeks ago, this also includes all hotfixes from article (http://support.microsoft.com/kb/2473205/en-us) which is specific to file servers.
Server is running symantec antivirus (v12.1.1). I plan on stopping AV on the server for a while to test if this is the cause.

Any assistance with this issue will be greatly appreciated.

Regards
Brad
0
Comment
Question by:ablsysadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 14
  • 2
  • 2
18 Comments
 
LVL 22

Expert Comment

by:Radhakrishnan R
ID: 40324821
Hi,

Is there any backup running at the time of issue?  if so, try to change the backup schedule and see it makes any difference. Yes, Antivirus (especially SEP) cause this type of issues.  

Also, try disabling SMB2 on the server

HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters
Add a new REG_DWORD key with the name of Smb2.
Value name     Smb2
Value type     REG_DWORD
0 =     disabled
1 =     enabled
Set the value to 0 to disable SMB2, or set it to 1 to re-enable SMB2.
0
 

Author Comment

by:ablsysadmin
ID: 40324849
Hi Raj

thanks for getting back to me.
there are no backups running at the time of the outages.

if I disable SMB2, will the server default to SMB1 ? and if so, what happens to the active SMB2 sessions ?
0
 

Author Comment

by:ablsysadmin
ID: 40324851
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 22

Expert Comment

by:Radhakrishnan R
ID: 40324876
Hi,

As a backwards compatibility, yes, its revert to SMB1. You can have a look at this article and  get a fully understanding about SMB http://www.petri.com/how-to-disable-smb-2-on-windows-vista-or-server-2008.htm

Hope this helps
0
 

Author Comment

by:ablsysadmin
ID: 40324887
Thanks for the article, explains it nicely.
I'm waiting for the server to crash again before I make any more changes (murphy's law, its gonna run fine now)
0
 
LVL 88

Expert Comment

by:rindi
ID: 40324999
It could also be caused by licensing issues. Maybe you have exceeded the CALS by the number you you own when it happens.
0
 

Author Comment

by:ablsysadmin
ID: 40325078
server just crashed. I upgraded my symantec to version 12.1.3 as per recommendation from the vendor, will wait and see if there is any improvement.

this licensing issue you mention, how do I check if its a licensing issue ? I'm not aware of any licensing for a file server.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40325206
You need CALs for the users connecting to a server. As far as I know the 2008 r2 server standard comes with 5 such CALs. If more users try connecting they won't be able to. If you need more CALs you have to buys those.

The licensing overview from the link below should give you some idea. CALs are explained on page 18:

http://www.microsoft.com/en-us/download/details.aspx?id=18795
0
 

Author Comment

by:ablsysadmin
ID: 40325312
i am running Microsoft network monitor 3.4. I will send the log asap. The server died now again
0
 

Author Comment

by:ablsysadmin
ID: 40325386
ok, no luck. server is dead. had to reset.
0
 

Author Comment

by:ablsysadmin
ID: 40327435
ok, here we go. the network capture
File-server-network-capture.xlsx
0
 

Author Comment

by:ablsysadmin
ID: 40327436
please review and advise asap
0
 

Author Comment

by:ablsysadmin
ID: 40327789
just an update, so far the below has been implemented

1. configured tcp stack settings as per below

        Receive-Side Scaling State          : disabled
        Chimney Offload State               : disabled
        NetDMA State                               : enabled
        Direct Cache Acess (DCA)            : disabled
        Receive Window Auto-Tuning Level    : normal
        Add-On Congestion Control Provider  : ctcp
        ECN Capability                              : disabled
        RFC 1323 Timestamps                 : disabled
2. applied hotfixes/patches/regEntries from the below articles
        http://support.microsoft.com/kb/2582112/en-us
        http://support.microsoft.com/kb/324446/en-us
        http://support.microsoft.com/kb/2473205/en-us
3. disabled SMB2 as per http://support.microsoft.com/kb/2696547/en-gb
        this caused more problems. lots of clients could no longer connect. reg entries were removed again.
4. call has been logged with microsoft (they say symantec should be disabled)
5. call logged with symantec (waiting for callback) due to the below article
         http://www.symantec.com/connect/forums/network-shares-stop-responding-randomly-windows-server-2008-r2
6. network monitor trace run leading up to the time of an outage, nothing in    the logs that indicate where the problem is.
7. symantec AV was upgraded from v12.1.1 to v12.1.3.

Issue still persists.
0
 

Author Comment

by:ablsysadmin
ID: 40329990
latest update, symantec has been has been disabled.
will now wait and see if it resolves the issue
0
 

Author Comment

by:ablsysadmin
ID: 40332012
latest update,

After Symantec was disabled, the server did not fail from yesterday morning until now (about 19 hours running time)
Due to the risk of not having AV on the server being so high, I’ve now uninstalled v12.1.3 and installed v11.0.6.
Will monitor throughout the day.
0
 

Author Comment

by:ablsysadmin
ID: 40343731
Update........

v11.0.6 ran successfully for about 4 days without incident.
symantec came back stating that 12.1.5 was just released and it should resolve the problem.
upgrade to v12.1.5 was done but the issue reappeared after 1 day.
I have now downgraded symantec back to v 11.0.6.

awaiting further feedback from symantec.
0
 

Accepted Solution

by:
ablsysadmin earned 0 total points
ID: 40407816
Latest update .......

server is still running symantec v11.0.6 without issue for the last 1 month.
The call logged with symantec as been closed as they could not replicate the issue in their labs and I could not allow them to test on my prod server so the issue remains unresolved.
downgrading to v11 is the accepted solution for me. I will attempt an upgrade once symantec releases a new version.
0
 

Author Closing Comment

by:ablsysadmin
ID: 40416970
the provided solution worked for me
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question