none
DFS Replication failing for large files

    Soru

  • I have recently upgraded our AD to incorporate Windows Server 2008 R2 SP1 machines and am trying to Setup DFS replication between one windows server 2008 R2 and another. Both Box's are Domain controllers and each are located at a different physical sites connected via a Cisco site to site VPN tunnel.

    The servers are HP DL180 G6 & DL120 G6 both a single 1Gb Nic connected to there respective switches and both have the latest drivers installed. 

    File replication in both directions is successfully but only for small files. (like new text files and folder). Anything much bigger than a couple of MB never seems to appear in the replication partner. (this is the same in both directions). Small files continue to replicate even when the large files do not.

    Error Messages are being displayed every 20 seconds.

    #############################################

    WARNING 5014
    The DFS Replication service is stopping communication with partner ERNIE for replication group domain.com\public\data due to an error. The service will retry the connection periodically. 

    Additional Information: 
    Error: 1726 (The remote procedure call failed.) 
    Connection ID: FDA3F962-F8CC-43AB-B182-088E2AA4DCEA 
    Replication Group ID: C7C80CC5-B790-4490-ADBD-0BB067833F0D

    #############################################

    INFORMATION 5004
    The DFS Replication service successfully established an inbound connection with partner ERNIE for replication group domain.com\public\data. 
     
    Additional Information: 
    Connection Address Used: ERNIE.domain.com 
    Connection ID: FDA3F962-F8CC-43AB-B182-088E2AA4DCEA 
    Replication Group ID: C7C80CC5-B790-4490-ADBD-0BB067833F0D

    #############################################

    Things I've tried & or noticed along the way.

    1. Both Servers can ping each other and FRS is still working correctly (sysvol Folder)
    2. Removed all the replication groups/data/members and started again.
    3. Tried suggestions concerning DisableTaskOffload, EnableTCPChimney, EnableTCPA and EnableRSS – These had no effect  - from http://qa.social.technet.microsoft.com/Forums/en/winserverfiles/thread/d27bd902-034e-4230-9516-0ede42308193
    4. There are no firewalls block any traffic or turned on even the windows firewall has been disabled. 
    5. There are no AV applications installed on either machines.
    6. Increased the staging folder to 100gb (more than enough for what we need to copy) Checked that quotas are disabled.
    7. Checked for hotfix's but I couldn't find anything relevant to my problem so haven't downloaded any.
    8. Checking for Black Hole routers "http://support.microsoft.com/kb/159211" led me to find that the maximum MTU size along the VPN path was 1412 anything larger did return the correct "packet needs to be fragmented" warning. I added the EnablePMTUBHDetect reg_dword even though the KB didn’t mention Server 2008 in the list, this stopped the errors but has not resolved the problem. "its since been removed and the errors have returned)
    9. Testing Replication between one of the servers and another server on the same lan works correctly. (all data large and small is replicated correctly.

    I'm struggling people... Can anyone help me? Point 9 above appears to indicate a wan related problem but im not sure how to continue troubleshooting as I'm not a WAN expert.



    13 Mart 2012 Salı 12:29

Yanıtlar

Tüm Yanıtlar

  • Matt

    As indicate in the point 8 do you review the MTU value in your Network devices and server ?

    See Article: http://support.microsoft.com/kb/159211

    Regards


    Eric


    13 Mart 2012 Salı 15:31
  • Hey Eric,

    Changing the MTU size using the setting below worked.

    • Open regedit as an administrator account on the server in question.
    • Navigate to HKLM\System\CurrentControlSet\services\Tcpip\Parameters\Interfaces\[Choose the interface in question] (Do this by checking the correct IP address is in the settings under this key for the adapter you are configuring)
    • Once you are in the correct key for your interface, right-click and select new DWORD value (32 bit).
    • Call it MTU
    • Give this a decimal value equal to the setting you would like your MTU to be (measured in bytes). I changed mine to 1400

    Will this have any great effect on other things within the network locally and should I accept this as the answer. I don't know much about vpn tunnels but im assuming they use part of the MTU for encapsulation? Should my MTU on the tunnel be set to 1500 or 1500 minus the encapsulation required.. surely this is a problem that many people experience all the time with different overheads on different routes?

    Thanks Matt



    15 Mart 2012 Perşembe 10:53
  • Please find this document from Microsoft Download: "Active Directory in Networks Segmented by Firewalls"<o:p></o:p>

    Hey Eric Was the above supposed to be a link?
    15 Mart 2012 Perşembe 11:13
  • Thanks Eric. You post above also seems to indicate that there is a Microsoft document "Active Directory in Networks Segmented by Firewalls"

    Do you have a link to this document also?

    15 Mart 2012 Perşembe 16:20