This is the 4th part of a series of posts I’ll be describing several settings and parameters that can be tuned to optimize your server performance. I hope you’ll find them useful and help you improve your servers performance.
- Performance Tuning your Windows Server (Part 1)
- Performance Tuning your Windows Server (Part 2)
- Performance Tuning your Windows Server (Part 3)
Note: As with all changes, you should implement the following suggestions one at a time and verify that there was a performance improvement. If system performance decreases after making a change, you should reverse the change.
Windows servers often have more network services and protocols installed than are actually required. Each additional network client, service or protocol places additional overhead on system resources. In addition, each protocol generates network traffic. By removing unnecessary network clients, services and protocols, system resources are made available for other processes.
On a system supporting more than one network protocol, the order in which they are bound to the network clients and services running on the server is important. All network communications for a given service or client start with the protocol listed at the top of the binding list. If after a given period, no response is received, communications are routed to the next protocol in the list until all protocols are exhausted. As a result it is crucial to ensure the most frequently used protocol for a given client or service is moved to the top of the binding list to offer the best network I/O performance possible.
To view the order of network bindings, Open the Network Connections applet from the Control Panel, and from the menu bar, click Advanced → Advanced Settings.
By selecting a protocol and clicking the up and down buttons, you can change the binding priority of your protocols. If an installed protocol is not required by a particular service or client, it should be disabled.Do so by removing the tick in the check box beside the protocol in question. This will improve system performance and possibly improve security.
Disable Chimney and Offload features
TCP Offload Engine is an emerging technology which is designed to offload TCP stack handling from the main system CPU to a processor built into NIC cards. This technology is still relatively new, and when engaged, has been known to cause unstable connections. This results in dropped sockets, dropped packets, packet reordering and packet retransmits.
To disable the TCP Chimney Offload features:
1. Install the KB948496 update that turns off default SNP features
2. Run the following command at the command prompt:
netsh int ip set chimney DISABLED
3. Set the registry values as described below, or use the Microsoft Fix it #50051
Disable TCP Chimney:
|Set to:||0x0 (0)|
Disable Receive Side Scaling:
|Set to:||0x0 (0)|
Disable TCP Window Auto-Tuning:
|Set to:||0x0 (0)|
4. Open Network Connections, locate each connection to see its properties and click Configure → Advanced. Look for one or more entries as listed below (or similar, it depends on the manufacturer) and verify they are set to Off / Disabled / False:
- TCP/IP Offload
- Checksum Offload
- IPv4 Checksum Offload
- Large Send Offload (IPv4)
- Large Send Offload
Harmful code detection (Antivirus) exclude settings:
Important: This section contains information that shows how to help lower security settings or how to temporarily turn off security features on a computer. You can make these changes to understand the nature of a specific problem. Before you make these changes, you should evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.
Exclude the Windows Update or Automatic Update database file:
Exclude the Windows Update or Automatic Update log files:
|Files Mask:||Res*.log, Res*.jrs, Edb.chk, Tmp.edb|
Exclude the Windows Security files:
|Files Mask:||*.edb, *.sdb, *.log, *.chk, *.jrs|
Note: If these files are not excluded, antivirus software may prevent proper access to these files, and security databases can become corrupted. Scanning these files can prevent the files from being used or may prevent a security policy from being applied to the files. These files should not be scanned because antivirus software may not correctly treat them as proprietary database files.
Exclude the Group Policy user registry information:
Exclude the Group Policy client settings file:
Exclude the Active Directory and Active Directory main NTDS database files:
|Files Mask:||Ntds.dit, Ntds.pat|
Exclude the Active Directory transaction log files:
|Files Mask:||EDB*.log, Res*.log, Res*.jrs|
Exclude the files in the NTDS Working folder:
|Folder Path:||Specified in the registry value: HKLM\System\CurrentControlSet\Services\NTDS\Parameters\DSA Working Directory|
|Files Mask:||Temp.edb, Edb.chk|
Exclude the Database Log files and other files in the File Replication Service (FRS) Working folder:
|Files Mask:||edb.chk, Ntfrs.jdb, *.log|
Drivers, Firmware and Service Packs:
Use the latest drivers, firmware, and service packs.
Installing the latest version of a device driver, patch, BIOS update, microcode, or firmware revision for hardware is a very important part of routine server maintenance. Newer device drivers not only fix bugs and increase system stability, but can also increase the performance and efficiency of a device, improving overall system performance.
Microsoft periodically issues service packs and hot fixes for their operating systems. After a period of testing in your environment, these should be deployed to production systems.
Service packs and hot fixes often introduce updated code to key kernel and sub-system components of the operating system and can add extra performance and functionality benefits.