Category: Performance

Improve Internet and wireless speed tremendously
article #1170, updated 12 days ago

with the right router/firewall. I’ve had at least three different Netgears at home over years, all mid- or mid-high range in their consumer range at purchase. Every time, I tested using OEM up-to-date firmware, and tested with DD-WRT, many tweaks on both. DD-WRT gave a little improvement. On a little divine inspiration, I just did this:

  • Took a ten-year-old quad-core Vista box with three gigs of RAM
  • Put in a $40 quad Intel server NIC I bought from Amazon.com
  • Installed pfSense and set it up in very default fashion, exceptions being use of 192.168.2.0/24 as LAN subnet, 192.168.2.1 as LAN IP. Not using the motherboard NIC, just two on the Intel card so far.
  • Set my current DD-WRTed Netgear to do DHCP forwarding instead of serving, set it static to 192.168.2.2, left it otherwise alone
  • Connected one LAN port of the Netgear to the LAN port I set up in pfSense
  • Disconnected the WAN port of the Netgear, plugged Internet directly into the WAN port in pfSense

Suddenly WWW and Roku respond much faster, much less latency and jitter and other delay, and most unexpectedly, Internet download speed is much, much faster, even though the wifi is still running through the Netgear. And after a bit of performance tweaking, pings are lower, from 28ms down to 22 wired and 24 wireless.

Haven’t tried Squid proxying yet, or IPv6, but will be!

Categories:   Performance   Router/Firewall Configuration

==============

Linux Speed, Responsiveness, and Latency Reduction with 'sysctl' Settings
article #892, updated 12 days ago

These items help a lot in any application, including desktop, web server, or terminal server. The end of this post has two large compilations of these settings, one for wired (“non-lossy”) networking, one for wireless (“lossy”).

On the vast majority of Linux distributions, one can just add these changes to /etc/sysctl.conf, and then run sysctl -p to apply them without reboot. However, recent additions to standards have enabled us to place custom settings in our own configuration files, so that we don’t take /etc/sysctl.conf out of distro control.

On recent Debian and Ubuntu, we may best put them in /etc/sysctl.d/60-custom.conf (or replace the word “custom” to your liking), and then run sysctl --system to load both /etc/sysctl.conf and everything under /etc/sysctl.d.

On some other recent distros, it’s /etc/sysctl.d/custom.conf (the word “custom” is still arbitrary), and then run systemctl restart systemd-sysctl.

You can check your results with sysctl -A.

The first selection is for wired networking performance:

net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_workaround_signed_windows=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_fack=1
net.ipv4.tcp_low_latency=1
net.ipv4.ip_no_pmtu_disc=0
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_frto=2
net.ipv4.tcp_frto_response=2
net.ipv4.tcp_congestion_control=illinois

A bit different first group for networking performance, is recommendable for anything involving wireless, i.e., “lossy” networks:

net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_workaround_signed_windows=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_fack=1
net.ipv4.tcp_low_latency=1
net.ipv4.ip_no_pmtu_disc=0
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_frto=2
net.ipv4.tcp_frto_response=2
net.ipv4.tcp_congestion_control = hybla
net.ipv4.tcp_allowed_congestion_control = hybla cubic

And then some general networking performance items:

net.core.rmem_default = 31457280
net.core.rmem_max = 12582912
net.core.wmem_default = 31457280
net.core.wmem_max = 12582912
net.core.somaxconn = 4096
net.core.netdev_max_backlog = 65536
net.core.optmem_max = 25165824
net.ipv4.tcp_mem = 8388608 8388608 8388608
net.ipv4.udp_mem = 8388608 8388608 8388608
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem_min = 16384
net.ipv4.tcp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem_min = 16384
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.route.flush=1

And some for network security enhancement:

net.ipv4.tcp_synack_retries = 2
net.ipv4.ip_local_port_range = 2000 65535
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15

And now a few to keep virtual memory usage under good control:

vm.swappiness=20
vm.dirty_ratio = 60
vm.dirty_background_ratio = 2

And one to increase the maximum number of open and watched files, very helpful indeed for servers, file synchronization of all sorts, and many other functions:

fs.file-max = 2097152
fs.inotify.max_user_watches = 524288

The above was compiled from these two excellent articles:

http://www.networkworld.com/article/2227856/opensource-subnet/best-networking-tweaks-for-linux.html
https://easyengine.io/tutorials/linux/sysctl-conf/

and other sources. Here is the whole set for wired (non-lossy) networking:

net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_workaround_signed_windows=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_fack=1
net.ipv4.tcp_low_latency=1
net.ipv4.ip_no_pmtu_disc=0
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_frto=2
net.ipv4.tcp_frto_response=2
net.ipv4.tcp_congestion_control=illinois
pre. net.core.rmem_default = 31457280
net.core.rmem_max = 12582912
net.core.wmem_default = 31457280
net.core.wmem_max = 12582912
net.core.somaxconn = 4096
net.core.netdev_max_backlog = 65536
net.core.optmem_max = 25165824
net.ipv4.tcp_mem = 8388608 8388608 8388608
net.ipv4.udp_mem = 8388608 8388608 8388608
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem_min = 16384
net.ipv4.tcp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem_min = 16384
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.route.flush=1
vm.swappiness=20
vm.dirty_ratio = 60
vm.dirty_background_ratio = 2
fs.file-max = 2097152
fs.inotify.max_user_watches = 524288

and another full set for wireless / lossy networking:

net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_workaround_signed_windows=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_fack=1
net.ipv4.tcp_low_latency=1
net.ipv4.ip_no_pmtu_disc=0
net.ipv4.tcp_mtu_probing=1
net.ipv4.tcp_frto=2
net.ipv4.tcp_frto_response=2
net.ipv4.tcp_congestion_control = hybla
net.ipv4.tcp_allowed_congestion_control = hybla cubic
pre. net.core.rmem_default = 31457280
net.core.rmem_max = 12582912
net.core.wmem_default = 31457280
net.core.wmem_max = 12582912
net.core.somaxconn = 4096
net.core.netdev_max_backlog = 65536
net.core.optmem_max = 25165824
net.ipv4.tcp_mem = 8388608 8388608 8388608
net.ipv4.udp_mem = 8388608 8388608 8388608
net.ipv4.tcp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem = 8192 87380 16777216
net.ipv4.udp_rmem_min = 16384
net.ipv4.tcp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem = 8192 65536 16777216
net.ipv4.udp_wmem_min = 16384
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.route.flush=1
vm.swappiness=20
vm.dirty_ratio = 60
vm.dirty_background_ratio = 2
fs.file-max = 2097152
fs.inotify.max_user_watches = 524288

Categories:   Performance   Linux OS-level Issues

==============

Open Windows Explorer window in new process
article #1164, updated 34 days ago

A registry entry:

reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v SeparateProcess /t REG_DWORD /d 1 /f

which can be set up in group policy, under Computer Configuration, Preferences, Windows Settings, Registry.

Categories:   Performance   Windows OS-Level Issues

==============

Disable Cortana altogether
article #1161, updated 40 days ago

This will make any Windows 10 machine run much faster, at the cost of the fancy Cortana query and search component.

  1. In REGEDIT, browse to HKEY_LOCAL_MACHINE, Software, Policies, Microsoft, Windows.
  2. Create key “Windows Search” no quotes.
  3. Create DWORD32 “AllowCortana” no quotes. Make sure the value is zero (0).
  4. Create DWORD32 “AllowCortanaAboveLock” no quotes. Make sure the value is zero (0).
  5. Create DWORD32 “DisableWebSearch” no quotes. Make sure the value is one (1).
  6. Create DWORD32 “ConnectedSearchUseWeb” no quotes. Make sure the value is zero (0).
  7. Create DWORD32 “ConnectedSearchUseWebOverMeteredConnections” no quotes. Make sure the value is zero (0).
  8. Reboot.

Categories:   Windows OS-Level Issues   Performance

==============

Strip 8dot3 / 8.3 Filenames from a Running Windows for Performance
article #1144, updated 85 days ago

Very interesting, not tested by this writer yet; appears to be able to handle registry to some extent. One can turn off creation of new 8.3 filenames, and one can also strip existing 8.3 filenames from a filesystem and from the registry:

https://ss64.com/nt/fsutil.html

Categories:   Performance   

==============

Windows Performance through VSS Cleanup and Preassociation
article #1004, updated 92 days ago

These steps can improve Windows performance a whole lot. It works because a vast array of different applications and services in Windows utilize VSS on their backends. All of the below, except for one server-only step sometimes needed, is encapsulated in PowerShell script (3.0 and up) OVSS.ps1 , part of the ponderworthy-tools set.

To do the VSS optimization interactively, start an administrative CMD, and then…

Step 1:

vssadmin Delete Shadows /All

If there are orphan shadows, you will be asked whether you want to delete them. If there are and you delete them, you will see immediate performance benefit. Reportedly, Windows autodeletes them only after there are 64 per volume. We prefer to see zero! These build up as a result of bad shutdowns, drive and drive controller issues, and insufficient RAID resources to serve demands.

Step 2:

We now improve any existing preassociation of disk space for VSS. On some machines, this will increase performance very impressively, immediately. In general it keeps them smooth and stable and prevents hesitations. This does not reserve or take up the space, it just “associates” it, makes it ready for use, so that whenever Windows wants to do any of the bajillions of things it does with VSS, things ranging from tiny to enormous, it can skip that step.

It is worthwhile to know that C: on all workstation installs and many server installs, has a minimal preassociation already set up. And we should check to see if it has been done. So the first step is to check it. Do the below:

vssadmin list shadowstorage

If it gives you something like this:

vssadmin 1.1 - Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001-2013 Microsoft Corp.

Shadow Copy Storage association
   For volume: (\\?\Volume{84214e3c-0000-0000-0000-100000000000}\)\\?\Volume{84214e3c-0000-0000-0000-100000000000}\
   Shadow Copy Storage volume: (\\?\Volume{84214e3c-0000-0000-0000-100000000000}\)\\?\Volume{84214e3c-0000-0000-0000-100000000000}\
   Used Shadow Copy Storage space: 0 bytes (0%)
   Allocated Shadow Copy Storage space: 0 bytes (0%)
   Maximum Shadow Copy Storage space: 100 MB (20%)

Shadow Copy Storage association
   For volume: (C:)\\?\Volume{84214e3c-0000-0000-0000-501f00000000}\
   Shadow Copy Storage volume: (C:)\\?\Volume{84214e3c-0000-0000-0000-501f00000000}\
   Used Shadow Copy Storage space: 0 bytes (0%)
   Allocated Shadow Copy Storage space: 0 bytes (0%)
   Maximum Shadow Copy Storage space: 373 GB (20%)

where “Maximum Shadow Copy Storage space: “ for each volume is set to 20%, the rest has been done, you are fully optimized. Otherwise, if this is a desktop OS, we resize the existing association for each volume. For volumes without letters, and to pull a list of all VSS-ready volumes, see the note towards the end of this document.

So for the C drive, do the below in administrative CMD:

vssadmin Resize ShadowStorage /For=C: /On=C: /MaxSize=20%

Do repeat for any other active hard drive partitions, D:, E:, et cetera. Don’t worry if you get an error, the next step covers it.

Step 3:

It may well throw an error, saying there is no such association. If this is a workstation OS, vssadmin lacks two commands which we need for any further steps, so in that case we are done. But on any Windows Server OS from 2008R2, if the error was thrown, we do an Add:

vssadmin Add ShadowStorage /For=E: /On=E: /MaxSize=20%

Step 4:

And finally (server only), one more thing which can help if, for instance, C: is almost full but E: has plenty of space:

vssadmin Delete ShadowStorage /For=C: /On=C:
vssadmin Add ShadowStorage /For=C: /On=E: /MaxSize=20%

This maximizes overall performance, and also prevents possible backup failures and other issues due to insufficient disk space on C:.

Note:

On some machines, the volumes do not have letters. For these you will need to use the volume GUID path. In vssadmin list shadowstorage, they look like this:

Shadow Copy Storage association
   For volume: (\\?\Volume{99ac05c7-c06b-11e0-b883-806e6f6e6963}\)\\?\Volume{99a
c05c7-c06b-11e0-b883-806e6f6e6963}\
   Shadow Copy Storage volume: (\\?\Volume{99ac05c7-c06b-11e0-b883-806e6f6e6963}
\)\\?\Volume{99ac05c7-c06b-11e0-b883-806e6f6e6963}\
   Used Shadow Copy Storage space: 0 B (0%)
   Allocated Shadow Copy Storage space: 0 B (0%)
   Maximum Shadow Copy Storage space: 32 MB (32%)

For such a situation, substitute \\?\Volume{99ac05c8-c06b-11e0-b883-806e6f6e6963} (the whole long string) for C: in the above command lines.

PowerShell will give GUI paths for all volumes thusly:

GWMI -namespace root\cimv2 -class win32_volume

References are here:

https://technet.microsoft.com/en-us/library/cc788050.aspx

https://www.storagecraft.com/support/kb/article/289

http://backupchain.com/i/how-to-delete-all-vss-shadows-and-orphaned-shadows

http://www.tech-no.org/?p=898

Categories:   VSS   Performance

==============

Spybot Anti-Beacon
article #1139, updated 99 days ago

This tool decommissions quite the list of Windows 7 through 10 telemetry inclusions by which Microsoft informs itself of our behavior, using quite a lot of our RAM, CPU, and bandwidth in so doing.

https://www.safer-networking.org/spybot-anti-beacon/

Brought to this forefront by the Beard, Mike Hunsinger.

Categories:   Performance   Security

==============

Windows 10 does not always automatically detect and TRIM SSDs
article #1134, updated 105 days ago

Found this today.

  • A two-month-old laptop with a SanDisk SD8SN8U-256G-1006 SSD for its C: drive, Windows 10.
  • Windows had recognized the drive as a standard hard drive, not an SSD, and the laptop had slowed down a lot very recently.
  • Installed the SanDisk SSD Dashboard, ran TRIM, and scheduled weekly TRIM operations.
  • Laptop much faster.

Categories:   Drive Issues   Performance

==============

Turn Off Share Caching
article #1132, updated 123 days ago

One can save a lot of data confusion and server-side load, by turning off share caching on the server side. This prevent client machines from using Offline Files to drive human beings up the wall! :-)

TOSC.VBS turns off share caching on all of the shares it can, except for dollar shares. It needs to be run as administrator.

Categories:   Performance   

==============

Disable Cortana telemetry
article #1122, updated 165 days ago

This can help a lot:

netsh advfirewall firewall add rule name="SearchUI.exe Telemetry" dir=out action=block program="%SystemRoot%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" description="This rule prevents the Cortana telemetry. (This will also disable Cortana voice recognition.)"

Categories:   Performance