Performance Hit enabling SMBv2 (or higher)

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
lazzarinof
Posts: 50
Joined: Thu Sep 23, 2021 12:26 pm

Performance Hit enabling SMBv2 (or higher)

Post by lazzarinof »

Good afternoon,

We have a new requirement to use SMB signing on our log repository server (our log repository is currently a CIFS share mounted via a Windows VM). However, the potential impact of considerable performance impact noted by Microsoft (here: https://docs.microsoft.com/en-us/window ... ons-always) has us worried.

Do you have any guidance/best practices on moving to this more secure setup with minimal performance damage? Or, if it's unavoidable, roughly what kind of hit we can expect? With the logs constantly flowing through, we can't have any sort of congestion/outage, as we need to ensure we're maintaining our ISO's standards.

Thank you!
gsmith
Posts: 1253
Joined: Tue Mar 02, 2021 11:15 am

Re: Performance Hit enabling SMBv2 (or higher)

Post by gsmith »

Hi,

Depending on your network and your storage system implementation, the performance impact of SMB signing can
vary widely; you can verify it only through testing in your network environment.

This Microsoft support doc seems to indicate that there is improvement in their Windows Server 2022 :
https://docs.microsoft.com/en-us/troubl ... on-signing

Is there any particular reason you need to use a Windows VM for the log repository ? Do you have client machines
other than the Nagios Log servers that need to access the log repository?

An alternative would be a Linux NFS server.
There are some "gotchas" with the initial NFS setup, and they are detailed here:
https://assets.nagios.com/downloads/nag ... ations.pdf

Thanks
rferebee
Posts: 733
Joined: Wed Jul 11, 2018 11:37 am

Re: Performance Hit enabling SMBv2 (or higher)

Post by rferebee »

We're utilizing a SAN for our log repository and the only way we've figured out to mount it has been a CIFS/SMB share. From what I understand (and I'm no storage expert) we're not actually using the Windows VM to serve the share, it just allows us to visually manage the data on the SAN. The data is still being written directly to the SAN from the LS nodes.
gsmith
Posts: 1253
Joined: Tue Mar 02, 2021 11:15 am

Re: Performance Hit enabling SMBv2 (or higher)

Post by gsmith »

Hi

Thanks for the info.

I suggest asking the admin of the san if it supports NFS, and if that would make the requirement of using
SMB signing and/or SMB encryption go away.

If the above is possible, then you probably would want to do a test of NFS performance vs. SMB performance (before signing)
to see if it makes sense.

Thanks
Locked