Are these symptoms of broadcast storm? Or more related to an individual server?

Hi guys,

I posted yesterday regarding issues we have been having all week with people saving/opening to our file server. It is on a Windows 2003 Storage Server on an HP ProLiant 380G5 with around 4GB of RAM and an Intel Xeon 2.33GHz. A SAN of around 15TB is connected directly with SAS cards to the back of this server.

This server has an IP of If we accessed the server directly from the console or even RDP/VNC to it, it would freeze momentarily and then let you continue working on it.

The biggest issue is that a network consisting of approximately 300 users all had issues saving/opening files to and from this location. Copying files of around 200MB to local desktops would take almost 1 minute through our gigabit switches, something which usually takes a few seconds.

However, if I logged on to any other server on the network which was on the same range, it would literally take a few seconds to copy files to the desktop.  Some of the servers I tested from were also connected to the same switch as the one mentioned above.

My question is, would a broadcast storm ever cause this? Or would a broadcast/switch issue cause you to have problems and slow speeds regardless of which server you accessed?

Does this issue mostly point to a specific server issue or would general network issues cause this also?

P.S. - I logged on remotely to this file server and seeing as nobody is at the office today, it is absolutely fine? Hmmm....

Any ideas would be great.


Did you eliminate the obvious resource bound or anti-virus application.....

When was the system updated/rebooted last?

You could use perfmon as well as procmon, one to monitor system performance (including network) and the other to see what is going on on the system.

Qlemo ("Batchelor", Developer and EE Topic Advisor) commented:
Sounds like a poisoned MAC table entry in the switch, leading to a loop. Resetting the switch should help then.
I don't think it is anything like a config issue (a real loop without proper spanning tree to prevent loops).
But before doing anything else, a network capture for traffic for a single machine to the "failing" server should be done. If I'm correct, you should see a lot of identical packets.

John (Business Consultant, Owner) commented:
I also think you should get Comm View (Tamosoft), put it on the server, learn how to interpret the packets and see what is going on when things get slow. Get Smart Whois (Tamosoft) at the same time and be able to look up (easily) IP addresses you don't know.

People could also be using Web Mail with big attachments.

Yashy (Author) commented:
The system was last rebooted three times in the past two days due to this. It didn't rectify the issue. The AV hasn't been disabled on the fileserver, no; we could try that.

I'm using Wireshark, guys, if I need to capture traffic. So would I just run Wireshark on my PC and then try to copy files down from the server to my desktop and then analyse the traffic? Or would I run it on the server itself perhaps?

John (Business Consultant, Owner) commented:
Use Wire Shark (or Comm View) on the server itself - that is better. Comm View is a commercial product and better than Wire Shark (nice filtering capabilities).

Qlemo ("Batchelor", Developer and EE Topic Advisor) commented:
The "correct" usage of packet capture is always on source and destination at the same time, then correlate the results. But that might be overkill - just try wherever it is easier for you first. I always start with the client, then try to get details on the server.
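
Added example, not part of the original thread: one way to check a capture for the identical frames a switching loop would produce is to hash every frame in the file and count repeats. The function names, the minimal classic-pcap parser and the sample frames are constructed here for illustration.

```python
import hashlib
import struct
from collections import Counter

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, little-endian, microsecond timestamps

def build_pcap(frames):
    """Pack raw frames into a classic pcap byte string (used for the constructed sample)."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1 (Ethernet)
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def read_frames(pcap_bytes):
    """Yield the captured bytes of every record in a classic little-endian pcap."""
    if len(pcap_bytes) < 24 or struct.unpack_from("<I", pcap_bytes)[0] != PCAP_MAGIC:
        raise ValueError("not a little-endian classic pcap (pcapng is not handled)")
    offset = 24  # size of the global header
    while offset + 16 <= len(pcap_bytes):
        _sec, _usec, incl_len, _orig_len = struct.unpack_from("<IIII", pcap_bytes, offset)
        offset += 16
        frame = pcap_bytes[offset:offset + incl_len]
        if len(frame) < incl_len:
            break  # truncated final record, stop cleanly
        yield frame
        offset += incl_len

def repeated_frames(pcap_bytes, min_copies=3):
    """Return {sha256 of frame: copies} for frames seen at least min_copies times."""
    counts = Counter(hashlib.sha256(f).hexdigest() for f in read_frames(pcap_bytes))
    return {digest: n for digest, n in counts.items() if n >= min_copies}

def eth(dst, src, payload):
    """Constructed Ethernet frame: dst MAC, src MAC, EtherType 0x0800, placeholder payload."""
    return bytes.fromhex(dst) + bytes.fromhex(src) + b"\x08\x00" + payload

# Constructed sample: one frame delivered five times, plus two unique frames.
SAMPLE = build_pcap(
    [eth("02aabbccdd01", "02aabbccdd02", b"placeholder read #1")] * 5
    + [eth("02aabbccdd01", "02aabbccdd02", b"placeholder read #2"),
       eth("02aabbccdd02", "02aabbccdd01", b"placeholder ack")]
)

if __name__ == "__main__":
    for digest, copies in repeated_frames(SAMPLE).items():
        print(f"{copies} identical copies of frame {digest[:12]}")
```

To run this against a real capture, save it in classic pcap format rather than pcapng and pass the file's bytes to `repeated_frames`.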
