# Strange Speed Problem



## SupaMonkey (Jun 25, 2009)

Hey Guys,
I have a strange speed problem happening where communication with a server is extremely slow for some reason.

The server is:
Intel 2U Alcolu-R Xeon DC Platform
2x Intel® Xeon® DP 5420 Processor - 2.50GHz Quad Core, Socket 771, 12MB, 1333MHz FSB, 45nm, Passive
Seagate® Barracuda 7200.11 Series - 500GB Serial ATA II (SATA2) Plus - Serial ATA 300 (3Gbps) w/32MB Cache
2x Transcend® 2GB Registered ECC DDR2-667 240-Pin Fully Buffered DIMM (FB-DIMM) Memory @ CL 5-5-5-15 - 6 Layer -
Microsoft® Windows Server 2008

About 10 clients are connected to it, all running Windows Vista Ultimate. PCs are all decent machines with 2-4GB of RAM with recent CPU's, etc.

Network consists of a Netgear GS716T Gigabit switch and so the entire network (except for 2 clients) is running at Gigabit speeds.


Now, the clients are all setup on active directory with a domain setup on the server and they can all login fine, etc. All their files are stored on the server through a Group Policy.
Problem comes in when they have to communicate with the server.

Examples:
- Open an excel file and/or saving it can take several minutes
- Some custom applications that use MySQL on the server can take several minutes to boot


No software changes have been made or new software installed.

Network config is all static IP's and internet access is achieved through a router on the internet. All client primary dns is set to the server.

Server Network settings:
Computer Name: server
IP: 192.168.0.100
Subnet: 255.255.255.0
Gateway: 192.168.0.1
Primary DNS: 192.168.0.1

Client Network Settings
IP Range: 192.168.0.20->40
Subnet: 255.255.255.0
Gateway: 192.168.0.1
Primary DNS: 192.168.0.100

Domain on the server is: companyname.pvt
From the client PC's I can resolve companyname.pvt as well as server to 192.168.0.100 and ping it fine.

So once again, I can login from all the clients and access all info - but why the hell is it so slow on such a nice setup as this is?

Thanks in advance!


----------



## aasimenator (Dec 21, 2008)

list what all services/applications & processes that server runs

also run Reliability and Performance monitor of the Server to & post the report here

http://technet.microsoft.com/en-us/library/cc755081(WS.10).aspx


----------



## casper0191 (Apr 2, 2009)

What is the result of virus scan? Did you already perform that?


----------



## SupaMonkey (Jun 25, 2009)

Server Software:
MySQL
Symantec Endpoint Protection
Pervasive SQL 9

Symantec Endpoint Protection (AV/spyware/etc) came up clean on full scan (daily full scan scheduled).

I open the Reliabiltiy/Performance monitor on the server - but how do I generate a report for you?


----------



## SupaMonkey (Jun 25, 2009)

I see now there are various reports I can generate; LAN Diagnostics, Active Directory, System Diagnostics and System Performance - which do you require?


----------



## aasimenator (Dec 21, 2008)

If you can generate all that you mentioned that would be great
& make sure you atleast run it for 24hours


----------



## SupaMonkey (Jun 25, 2009)

Ive attached the reports that I ran today. I didnt know how to export the reports so I just printed them to PDF...


----------



## aasimenator (Dec 21, 2008)

are these 24 hrs report?


----------



## SupaMonkey (Jun 25, 2009)

They only ran for the duration of the day - so about 10 hrs or so I believe


----------



## casper0191 (Apr 2, 2009)

You don't need to tell me the the actual scans. What i want to know if it detected unusual. Also if you always run a scan everyday you must be playing during it right?


----------



## Colossus610 (Jun 15, 2005)

I have run into some nasty problems with Symantec Endoint Protection with and without Endpoint Server management. Particularly the Network Threat Protection and the Proactive Threat Scan if not configured correctly.
Try disabling either the "Scan file on network drives"(in my mind, not necessary when all machines have their own AV - why have machines scanning themselves AND each other across the network?) in the client itself or the management policy from the server(whichever applies)
and/or 
briefly disabling SEP clients and killing Symantec services on ALL machines it's installed on, as a test.
Also, SEP can install a packet filter driver onto your Network Cards that interfaces with the AV itself, try disabling this as well. (network connection's properties--> uncheck the box for the "Symantec Packet Filter driver" or whatever it's name is.
It sounds like you've already bashed your head in a few times troubleshooting this issue, believe me, so did I when I first encountered this with Symantec's first few releases of Endpoint. My issues were all sorts of 'normal' Windows/AD/Domain traffic being silently dropped with no trace whatsoever. 
The speed issue happened to me several times at different clients' after SEP installs or maintenance release/maintenance pack releases.


----------



## Colossus610 (Jun 15, 2005)

Oh yeah, depending on how hard you hit database applications(Exchange, SQL, MySql, etc) some people may argue the value of excluding the db folder from the realtime AV scanning to save on disk I/O. But that's a Ford vs Chevy argument to be had another day, but it may help some.


----------



## casper0191 (Apr 2, 2009)

Well with that too much program running I think that your Ram can't suport it too much.


----------



## SupaMonkey (Jun 25, 2009)

So after trying everything mentioned on this thread, the problems persist.

Whats strange is that they seem to be random - ie: The server/network will be working fine at some times during the day, while other times it will have this 'blackout' effect (computers still say theyre connected but its as if theyre not).


----------



## casper0191 (Apr 2, 2009)

I think you should check if you have updated your antivirus.


----------

