Wireshark-users: [Wireshark-users] Slowdown after mounting DFS network drives

From: János Löbb <janos.lobb@xxxxxxxx>
Date: Mon, 5 Apr 2010 15:48:40 -0400
Hi,

Here is our situation. We are on the YNHH network and we connecting to the Yale network to use some DFS drives that are needed for Oracle access at Yale.

YNHH has its own Pix firewall and Yale too. There is a router that connects the two network. So, to get to the DFS drives the packets has to go through two firewalls and minimum one router, not counting switches and other network devices.

PC users - Windows XP Professional with SP3 - are loging into the Yale domain and are mounting these drives - O, N, T - with a script. The script is launched by selecting an item from the YAMS menu - YAMS= Yale Administrative Menu System :-)

As soon as the drives are mounted the users are experiencing a "slow down" of their machines, like opening a document takes 15 seconds instead of almost 0 seconds, etc. As soon as they disconnect the DFS drives, the machines are regaining their speed and vigor.

I attach here a short capture file. that was made by using a professional sniffer program. I am able to open it with Wireshark. It was made during a "slow down" phase.

These PC users are been counters, so they MUST connect to these drives all the time, however if they do so, their PC is useless.

The following things were done:

- The Cisco switch, where the PCs are connected, firmware and IOS was upgraded to current level. Had no effect.

- All DFS drives in the PATh environment variable of the PCs were positioned to the end, with that thought, that whatever files are needed look forst into the local directories.

- All MS desired RPC ports are open on both firewalls.


What do you think the problem is ??

Thanks ahead,

János

Attachment: brady 1st floor SLOW without Radio.enc
Description: Binary data