Troubleshooting Abysmal SMB/CIFS Performance Between Windows Server 2012 R2 and Mac OS X Clients in AD Environment


2 views

The Windows Server 2012 R2 system functioning as both a file server and PDC emulator exhibits severe performance degradation specifically for Mac OS X 10.9 (Mavericks) clients, while Windows 7 clients operate normally. Key observations include:

  • Directory listing operations taking 5-10x longer than Windows clients
  • File writes performing at 0.33Mbps (vs expected 100+Mbps on gigabit network)
  • NFS testing showing similar poor performance despite protocol change

The TCP dump reveals significant protocol inefficiencies:

// Sample analysis of captured SMB traffic
tcpdump -i en0 -vvv -s 0 'port 445' -w smb_capture.pcap
// Shows multiple 500-byte packet continuations for single write operations

These registry modifications on Windows Server 2012 R2 have helped others:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"DisableBandwidthThrottling"=dword:00000001
"DisableTCPChimney"=dword:00000001
"Smb2CreditsMin"=dword:00000400
"Smb2CreditsMax"=dword:00004000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DisableTaskOffload"=dword:00000001

For Mavericks clients, try these terminal commands:

# Increase SMB packet size
sudo sysctl -w net.inet.tcp.delayed_ack=0
sudo sysctl -w net.inet.tcp.mssdflt=1448

# Disable SMB signing (security tradeoff)
sudo defaults write /Library/Preferences/SystemConfiguration/com.apple.smb.server SigningRequired -bool FALSE

# Flush DNS cache
sudo discoveryutil mdnsflushcache
sudo discoveryutil udnsflushcaches

When SMB proves problematic, consider these alternatives:

# AFP configuration (requires separate server)
sudo nano /etc/netatalk/afp.conf
[Global]
afp listen = yes
afp port = 548
vol preset = default_for_all_vol

[default_for_all_vol]
file perm = 0660
directory perm = 0770

Use these tools to validate network performance:

# On Windows Server:
netsh interface tcp show global
Get-SmbServerConfiguration | Select-Object *Encryption*

# On Mac client:
networkQuality -v
nettop -P -m tcp

As a PDC emulator, these Group Policy settings may help:

# GPO settings to apply:
Computer Configuration -> Policies -> Administrative Templates -> Network -> Lanman Workstation
"Enable insecure guest logons" = Enabled
"Digitally sign communications (always)" = Disabled

# For file shares:
fsutil behavior set disablelastaccess 1
Set-SmbServerConfiguration -EncryptData $false -Force

When macOS 10.9 Mavericks clients connect to our Windows Server 2012 R2 file server (which also serves as PDC emulator), we experience:

  • Directory listing takes 8-12 seconds for folders with 50 items
  • File writes average 0.33 Mbps via dd if=/dev/random bs=1m count=1024 | dd of=/Volumes/share/testfile
  • Read operations are 3-4x faster than writes
  • Windows 7 clients show normal performance (90-110MB/s transfers)

The tcpdump output reveals excessive SMB packet fragmentation. Each 500-byte chunk requires individual acknowledgment:

# Sample packet analysis command used:
tcpdump -i en0 -s 0 -w smb_capture.pcap host server.example.local
# Filter for SMB write operations
tshark -r smb_capture.pcap -Y "smb.cmd == 0x2f" -V

Verify these registry settings on the DC:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"DisableBandwidthThrottling"=dword:00000001
"Size"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"MaxCmds"=dword:00001000
"MaxThreads"=dword:00000020

Create a plist configuration for SMB optimization:





    nfs.server.mount.require_resv_port
    
    net.inet.tcp.delayed_ack
    0
    net.inet.tcp.sendspace
    65536
    net.inet.tcp.recvspace
    65536

For time-sensitive operations, consider mounting via NFS with these mount options:

sudo mount -t nfs -o resvport,rw,tcp,hard,intr,timeo=600,retrans=3,rsize=65536,wsize=65536 server.example.local:/share /Volumes/share

Run these diagnostic commands simultaneously on server and client:

# On Windows Server
netsh interface tcp show global
Get-SmbServerConfiguration | Select-Object *

# On macOS
sysctl net.inet.tcp | grep -E 'sendspace|recvspace|delayed_ack'
nettop -P -m tcp

Force specific SMB versions through Terminal:

mount_smbfs -o vers=1,sec=ntlmssp //user@server.example.local/share /Volumes/share
# Test all available versions (1,2,3)
for v in 1 2 3; do
    time (mount_smbfs -o vers=$v //user@server/share /mnt/test && 
          dd if=/dev/zero of=/mnt/test/testfile bs=1m count=100 && 
          umount /mnt/test)
done