locked
MTU & Remote Desktop Services (Random Disconnects) RRS feed

  • Question

  • Hello everyone, and thanks for helping with this.

    We have an RDS Farm of 10 RDS Session Hosts. End users connect through a Private IP ADSL Wan that we run. The clients connect over Ethernet to a cisco router. We currently have 180 concurrent users, from 150 sites.

    We have quite a few reports of users getting a black screen, or a random disconnect, and we can see event logs on the RDS Hosts such as

    Source:        TermDD
    Event ID:      56
    The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: xxx.xxx.xxx.xxx.

    After lots of research, I think we have identified this as an MTU issue.

    Our supplier, because of overheads has an MTU of 1476. Ethernet is 1500. We use RDP 7, and this cannont be fragmented, as a result, we are experiancing black hole routers.

    Via group policy, I deployed settings to the clients

    EnablePMTUBHDetect 1, and EnablePMTUDiscovery 1.
    This cut about 95% of the issues, but we still have a few problem sites.
    My question is this, is it possible to set the Max MTU of Client Interfaces to less than 1500 with group policy? Or is it possible to set the MTU of a server to less than 1400? Will this help? Will the clients autonegotiate with the server?
    Thanks Kindly
    Denny
    Thursday, January 6, 2011 2:39 PM

Answers

  • Hi Denny,

     

     

     

    I have made some research based on the inquiry. There are three options that can help achieve the goal:

     

    Option 1: GPO

     

    To force the Max MTU, please implement PMTU detect registry entry and create an ADM file whose contents are as follows:

     

    CLASS MACHINE

    CATEGORY "TCPIP"

    POLICY "PMTU DETECT"

    KEYNAME "System\CurrentControlSet\Services\TCPIP\Parameters"

    VALUENAME "EnablePMTUBHDetect" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0

    END POLICY

    END CATEGORY

     

    Created a file by the name of pmtu.adm and save in the inf folder and then add a template in the default policy computer configuration.

     

    Method used to add admin template is as follows

     

    1. Open Domain Group Policy Editor
    2. Under Computer Configuration, right click on Administrative Templates and then

    click on Add/ Remove Templates
    5. Click on Add, Select the file name (pmtu.adm) and click on open
    6. You will now see a Container called Search under Administrative Templates
    Container
    7. Right click on this new Policy Container and click on View\Filtering
    8. Uncheck the check box 'Only show policy settings that can be fully managed' and

    click on ok
    9. You will now see the policy in the right hand pane for the Search Container
    10. Right click on the new policy in right pane and click on properties
    11. Enable the policy
    12. Click on Apply and Okay

     

    Getting the policy implemented for that we need to refresh the group policy via gpupdate/force on the client side. As a result, this would check the mtu allowed and send the packet of size that is allowed across that WAN Link.

     

     

    Option 2: NETSH

     

    Using the NETSH to enumerate the NetworkCards registry keys and mapping this to the interfaces register entries.

     

    To list the MTU of size of your adapters

     

    netsh interface ipv4 show interfaces

     

    To change the MTU of a specific adapter (for example, "My Local WLAN") to 1300:

     

    netsh interface ipv4 set subinterface "My Local WLAN" mtu=1300 store=persistent

     

     

    Option 3: Script

     

    ====================================================

     

    Dim strDNSDomain  

    Dim strComputer  

    Dim strID  

    Dim strKeyPath  

    Dim strValueName  

    Dim strDWValue  

     

    Const HKEY_LOCAL_MACHINE = &H80000002  

    Const DEFAULT_MTU_Size = 1500  

     

    '====  Gets the Setting for MTU from the command line in the form of /MTU:1500 ====  

     

    Set colNamedArguments = Wscript.Arguements.Named  

     

    if colNamedArguements.Exists("MTUSize") Then 

     strDWValue = colNamedArguments.Item("MTUSize")  

    Else 

     strDWValue = DEFAULT_MTU_SIZE  

    End if  

     

     

    strComputer = "." 

    strDWValue = Wscript.Arguements  

    Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _  

             strComputer & "\root\default:StdRegProv")  

     

    set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _  

             strComputer & "\root\cimv2" 

     

    Set colAdapters = objWMIService.ExecQuery _  

        ("SELECT * FROM Win32_NetworkAdapterConfiguration")  

     

    For each objAdapter in colAdapters  

       strDNSDomain = objAdapter.DNSDomain  

       if Instr(1, strDNSDOmain, strTemp) >0 then  

           strID = objAdapter.SettingID  

           strKeyPath = "SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\Interfaces\" & strID  

           strValueName = "MTU" 

           oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strDWValue  

       End if  

    Next 

     

    ===========================================================

     

    You can execute this script by the following example: cscript setmtu.vbs /MTU:1325

     

    This allows you to change the MTU size without editing the script again, and it’s handy for GPO deployment.

     

    Furthermore, please refer to the following article to make clear about the changes of PMUT.

     

    Changes in PMTU black hole router detection in Windows Server 2003 and in Windows Vista

    http://support.microsoft.com/?id=925280

     

     

     

    Thanks.

     

    • Marked as answer by Alan Zhu Tuesday, January 11, 2011 3:25 AM
    Friday, January 7, 2011 9:17 AM

All replies

  • Hi Denny,

     

     

     

    I have made some research based on the inquiry. There are three options that can help achieve the goal:

     

    Option 1: GPO

     

    To force the Max MTU, please implement PMTU detect registry entry and create an ADM file whose contents are as follows:

     

    CLASS MACHINE

    CATEGORY "TCPIP"

    POLICY "PMTU DETECT"

    KEYNAME "System\CurrentControlSet\Services\TCPIP\Parameters"

    VALUENAME "EnablePMTUBHDetect" VALUEON NUMERIC 1 VALUEOFF NUMERIC 0

    END POLICY

    END CATEGORY

     

    Created a file by the name of pmtu.adm and save in the inf folder and then add a template in the default policy computer configuration.

     

    Method used to add admin template is as follows

     

    1. Open Domain Group Policy Editor
    2. Under Computer Configuration, right click on Administrative Templates and then

    click on Add/ Remove Templates
    5. Click on Add, Select the file name (pmtu.adm) and click on open
    6. You will now see a Container called Search under Administrative Templates
    Container
    7. Right click on this new Policy Container and click on View\Filtering
    8. Uncheck the check box 'Only show policy settings that can be fully managed' and

    click on ok
    9. You will now see the policy in the right hand pane for the Search Container
    10. Right click on the new policy in right pane and click on properties
    11. Enable the policy
    12. Click on Apply and Okay

     

    Getting the policy implemented for that we need to refresh the group policy via gpupdate/force on the client side. As a result, this would check the mtu allowed and send the packet of size that is allowed across that WAN Link.

     

     

    Option 2: NETSH

     

    Using the NETSH to enumerate the NetworkCards registry keys and mapping this to the interfaces register entries.

     

    To list the MTU of size of your adapters

     

    netsh interface ipv4 show interfaces

     

    To change the MTU of a specific adapter (for example, "My Local WLAN") to 1300:

     

    netsh interface ipv4 set subinterface "My Local WLAN" mtu=1300 store=persistent

     

     

    Option 3: Script

     

    ====================================================

     

    Dim strDNSDomain  

    Dim strComputer  

    Dim strID  

    Dim strKeyPath  

    Dim strValueName  

    Dim strDWValue  

     

    Const HKEY_LOCAL_MACHINE = &H80000002  

    Const DEFAULT_MTU_Size = 1500  

     

    '====  Gets the Setting for MTU from the command line in the form of /MTU:1500 ====  

     

    Set colNamedArguments = Wscript.Arguements.Named  

     

    if colNamedArguements.Exists("MTUSize") Then 

     strDWValue = colNamedArguments.Item("MTUSize")  

    Else 

     strDWValue = DEFAULT_MTU_SIZE  

    End if  

     

     

    strComputer = "." 

    strDWValue = Wscript.Arguements  

    Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _  

             strComputer & "\root\default:StdRegProv")  

     

    set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & _  

             strComputer & "\root\cimv2" 

     

    Set colAdapters = objWMIService.ExecQuery _  

        ("SELECT * FROM Win32_NetworkAdapterConfiguration")  

     

    For each objAdapter in colAdapters  

       strDNSDomain = objAdapter.DNSDomain  

       if Instr(1, strDNSDOmain, strTemp) >0 then  

           strID = objAdapter.SettingID  

           strKeyPath = "SYSTEM\CurrentControlSet\Services\TCPIP\Parameters\Interfaces\" & strID  

           strValueName = "MTU" 

           oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strDWValue  

       End if  

    Next 

     

    ===========================================================

     

    You can execute this script by the following example: cscript setmtu.vbs /MTU:1325

     

    This allows you to change the MTU size without editing the script again, and it’s handy for GPO deployment.

     

    Furthermore, please refer to the following article to make clear about the changes of PMUT.

     

    Changes in PMTU black hole router detection in Windows Server 2003 and in Windows Vista

    http://support.microsoft.com/?id=925280

     

     

     

    Thanks.

     

    • Marked as answer by Alan Zhu Tuesday, January 11, 2011 3:25 AM
    Friday, January 7, 2011 9:17 AM
  • Thanks Kindly Alan! I shall investigate these options/solutions, and get back to you. Once again, thanks for your efforts!

    Denny

    Friday, January 7, 2011 9:21 AM
  • We are having similiar issues.  All Windows 7 systems get disconnected from RDP session randomly and the only thing we can see is the EventID 56..

    We are going to try the PTU adjustment.  Have you resolve your problem yet?

    Friday, January 21, 2011 8:33 PM