[Samba] samba 3 - smb2 cpu usage

Danny d.wijsman at stokvis.eu
Mon May 13 09:02:21 MDT 2013 

Op 13-5-2013 14:57, Volker Lendecke schreef:
> On Mon, May 13, 2013 at 12:52:56PM +0200, Danny wrote:
>> Hi all,
>>
>> At the moment we are running Debian squeeze with stock samba 3.5.6.
>> and are testing some new samba installations from ubuntu 12.04,
>> centos 6.4 and debian wheezy. All running in a VM on a XenServer.
>> The samba servers are member of a 2008R2 domain, using smb1 protocol
>> all are running fine and we get a constant 90MB/s (big file
>> transfer) on our 1GB network.
>> We would like to enable smb2 protocol for performance reasons, but
>> when we do enable SMB2 (max protocol = SMB2) file transfer speed
>> drops to 50-60MB/s (one big file) instead of the 80-90MB/s we used
>> to get before. We noticed when this happens the cpu is at its max
>> instead of 60-70% when using smb1.
>> iostat doesn't show any serious load and our raid 10 setup isn't
>> experience any difficulties.
>> Using the packages (3.6.13) from EnterpriseSamba we get simular results.
>>
>> Is it known enabling smb2 requires a faster cpu and our cpu is
>> simply not powerfull enough or is there another problem which we
>> should look into? (Or should we just stick to smb1, because smb2
>> isn't worth the trouble?)
>
> You should definitely use SMB2. The higher CPU is
> suprising. You should be able to max out a 1GB network with
> SMB2 easily. Does Debian support the perf utility to find
> out what the process does?
>
> Volker
>
Thanks for replying.

'perf top' smb2 enabled shows:

Events: 33K cycles
  53.07%  [kernel]            [k] hypercall_page
  36.33%  smbd                [.] SHA256_Update
   1.99%  [kernel]            [k] copy_user_generic_string
   1.23%  libc-2.13.so        [.] 0x793e1
   1.10%  [xen_netfront]      [k] xennet_poll
</cut>

'perf top' smb2 disabled shows:
Events: 16K cycles
  72.59%  [kernel]            [k] hypercall_page
  12.04%  smbd                [.] 0x40a5ee
   1.86%  [kernel]            [k] copy_user_generic_string
   1.37%  [xen_netfront]      [k] xennet_poll
   0.56%  libc-2.13.so        [.] 0x89283
   0.35%  [kernel]            [k] xen_restore_fl_direct
   0.35%  [kernel]            [k] pvclock_clocksource_read


Looking at the above, disabling client and server signing gives me (in a 
quick test) back my performance.
But now I'm prone to man in middle attacks? and if we run into other 
interoperabilities. (e.g. Windows clients/servers)?

Danny

More information about the samba mailing list