Prev: Domain trust between a Samba PDC domain and W2K AD domain
Next: Throughput problem with Samba 3.3.4 over VPN
From: Ludovic Rouse-Lamarre on 5 Aug 2010 10:20 Hi, I am currently in the process of improving performance for a Samba 3.3.4 server on FreeBSD 7.0. The samba server works great when mounted from another machine located on the same network but when I try to use it over our corporate VPN (OpenVPN with tap interface) the throughput won't go over 4,5 Mbps. The ping between the samba client and the server is around 20ms. I have used a linux machine on amazon's elastic cloud to connect to the corporate VPN and mount the samba share located on our web host. There is at least 20 Mbps of bandwidth available between the two in both ways. I have also tested the throughput from our Montreal office where we have a 10 Mbps download. I have tested with fedora, windows 7 and windows xp and I can't get more than 4 or 5 Mbps there. Is this situation to be expected or should I be getting better throughput? Here is my smb.conf file: [global] dos charset = 850 unix charset = ISO8859-1 workgroup = CIVITAS netbios name = PDC-SRV server string = Samba Server passdb backend = ldapsam:ldap://127.0.0.1/ log level = 1 syslog = 0 log file = /var/log/samba/log.%m max log size = 50 time server = Yes deadtime = 120 #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Ajoute par Ludovic pour ameliorer la performance de Samba # tire de https://calomel.org/samba_optimize.html socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536 use sendfile = yes load printers = No name resolve order = wins lmhosts host bcast ;add user script = /usr/local/sbin/smbldap-useradd -m "%u" ;delete user script = /usr/local/sbin/smbldap-userdel -r "%u" ;add group script = /usr/local/sbin/smbldap-groupadd "%g" ;delete group script = /usr/local/sbin/smbldap-groupdel "%g" ;add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" ;delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" ;set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u" ;add machine script = /usr/local/sbin/smbldap-useradd -W "%u" add user script = /usr/local/sbin/smbldap-useradd -m %u delete user script = /usr/local/sbin/smbldap-userdel %u add group script = /usr/local/sbin/smbldap-groupadd -p %g delete group script = /usr/local/sbin/smbldap-groupdel %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u add machine script = /usr/local/sbin/smbldap-useradd -w %m" logon script = %U.bat logon path = \\%L\profiles\%U logon drive = H: logon home = \\%L\%U domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes ldap admin dn = cn=Manager,dc=bgjlr,dc=com ldap delete dn = Yes ldap group suffix = ou=group ldap machine suffix = ou=machines ldap passwd sync = yes ldap suffix = dc=bgjlr,dc=com ldap ssl = no ldap user suffix = ou=People nt acl support = No map acl inherit = Yes case sensitive = No veto files = /.snap/*.bat/*.cmd/*.com/*.cpl/*.exe/*.hta/*.inf/*.ins/*.isp/*.msi/*.msp/*.pif/*.reg/*.scr/*.shs/*.vb/*.vbs/*.wsc/ store dos attributes = Yes wide links = No dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd server signing = auto server schannel = Auto [homes] comment = Home directories valid users = %S read only = No create mask = 0700 directory mask = 02700 browseable = No root preexec = /usr/local/bin/mkhome %u [netlogon] comment = Network Logon Service path = /srv/home/samba/netlogon/ browseable = No root preexec = /srv/home/samba/genlogon.pl %U %G %L [profiles] path = /srv/home/samba/profiles valid users = %U, "@Domain Admins" force user = %U read only = No create mask = 0600 directory mask = 0700 profile acls = Yes hide files = /desktop.ini/ntuser.ini/NTUSER.*/ browseable = No csc policy = disable guest ok = Yes [public] comment = Public Stuff path = /srv/groupes/public read only = No guest ok = Yes [public2] comment = Public Stuff path = /data read only = No guest ok = Yes [groups] comment = All groups path = /srv/groupes read only = No inherit permissions = Yes inherit acls = Yes profile acls = Yes [admin] comment = Pour administration path = /srv/admin read only = No inherit permissions = No valid users = kimmtl syla Thanks for the input, Ludovic -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |