SMB file sharing works great on LANs but struggles with VPNs in hybrid work setups, causing productivity issues.
In today’s interconnected world, sharing files over a network is common in many organizations. One of the most widely used protocols for this purpose is the Server Message Block (SMB), which allows for file sharing and access to printers and other network resources. However, using SMB over a Virtual Private Network (VPN) can present unique challenges. This blog post aims to shed light on these issues and explore potential alternatives to using SMB over VPN.
Whether you’re an IT professional dealing with network infrastructure or simply interested in optimizing your remote work setup, this discussion could provide valuable insights. Let’s dive in.
Life Is Great on the LAN
In the realm of network file sharing, SMB has established itself as a reliable and efficient protocol. Particularly in Local Area Network (LAN) environments, where latency is minimal, and packet loss is virtually non-existent, SMB truly shines. It facilitates seamless file sharing, printer access, and various inter-process communication (IPC) services, making it an integral part of many organizational infrastructures. The low latency and high stability of LANs allow SMB to perform at its best, providing users with fast, reliable access to shared resources. This benefit makes SMB over LAN an excellent solution for businesses seeking efficient internal data-sharing solutions.
But Your Users Live on the WAN… and They’re Not Happy About It!
Welcome to the new reality of hybrid work setups. Thanks to a combination of factors—a global pandemic that made us all too familiar with the term ‘lockdown,’ lifestyle changes that had us trading business suits for pajamas, cost-cutting measures that made companies realize that office space is, well, expensive, and globalization that had us collaborating across time zones—many companies have shifted to a hybrid work setup.
In this brave new world, the VPN is the superhero that makes the WAN masquerade as the LAN and enables remote access. It’s like Clark Kent putting on a pair of glasses and everyone believing he’s not Superman. But here’s the catch—it’s only a somewhat convincing disguise. For some protocols, the VPN is a smooth operator. But for others, like SMB, it’s more like a bumpy roller coaster ride.
If your users are grumbling about slow file transfers and dropped connections, it might be time to have a heart-to-heart with SMB over VPN. Because in the world of networking, not all heroes move quickly!
Slower Reads
One of the most significant challenges with using SMB over VPN is performance degradation. SMB is a TCP-based, block-based protocol, which means it sends data in blocks over TCP. When used over a VPN, this can result in high overhead, leading to slow file transfers and poor overall performance. This performance hit is particularly noticeable when dealing with large files, many small files, or when the network connection is unstable. Furthermore, VPNs introduce latency and bandwidth limitations, further exacerbating these performance issues.
Even Slower Writes
Reading speed is typically acceptable, but the same isn’t true for writing speed.
Reading (as opposed to modifying) is easier to optimize. To expedite file availability, file servers and SMB clients use caching, pre-fetching, and concurrent reading of multiple file blocks. In addition, in SMB3, Microsoft introduced SMB Multichannel (Windows Server 2012 or better). Among other things, it enables file reads to happen over multiple network connections.
Writing happens sequentially with minimal caching to ensure data safety. Here, the impact of latency and bandwidth limits introduced by the WAN, the VPN, and the corporate firewall are very noticeable.
VPN Is Where Productivity Goes to Die
In general, VPNs are not fun. With some products, it takes a while to establish a VPN connection. Once established, the VPN sometimes disconnects. In many cases, it also interferes with the performance of connections outside the VPN tunnel (try Zoom on Windows while Perimeter 81 is running).
These issues are an inconvenience when using stateless web apps. They are deadly to a stateful protocol like SMB and applications that rely on a mounted SMB folder on a remote NAS server in a data center.
None of it is fun or productive for remote users or hybrid workers.
Offline Work Anyone?
In the era of hybrid work, the ability to work offline has become more important than ever. Hybrid workers often find themselves in situations where they may need more consistent access to the internet, such as during travel, in remote locations where internet access is limited, or even during internet or Wi-Fi outages at home. Accessing and working on files offline ensures that work doesn’t come to a halt during these times. Offline work capabilities are a necessity in today’s hybrid work environment.
SMB cannot work offline, and the built-in support for offline work is limited and mostly unusable.
5G, LTE, and Wi-Fi to the Rescue?
Using an SMB mount over Wi-Fi or LTE can be pretty frustrating. File transfers crawl along, with each folder click taking longer than expected and connections dropping unpredictably just when things seem to be working smoothly. If you try to move larger files, you’ll likely see the “time remaining” estimate jump around wildly, giving you little confidence in when or if the transfer will finish. Sometimes, it feels like it might be quicker to ask for a USB drive in the mail rather than waiting for files to trickle through the wireless network!
Limited internet speed, occasional drops in the wireless connection, and latency introduced by the router or wireless provider are all SMB killers.
Alternatives?
One alternative is a cloud drive (Dropbox, Google Drive, Microsoft OneDrive). These cache files locally and don’t require a VPN or a constant connection to a file share. On the flip side, they introduce new security, authentication, and permission issues. They also introduce a new data silo—the files in the cloud drive are not the same as the files on your NAS.
An alternative approach could be to transition all data to a cloud-based storage system, eliminating the need for SMB or NFS shares. While this strategy simplifies the data landscape by reducing the number of data stores, it also deprives the organization of a significant amount of functionality, adaptability, and performance. Not to mention the massive data migration involved.
A Solution?
What if there was a way to keep the files where they are today, maintain the same security model (File ACLs, VPN, IPsec tunnels, Active Directory, endpoint compliance enforcement, etc.), but enable offline work and fast access and modification from anywhere to files on an SMB share?
Our patent-pending technology allows for all that and more.
Sign up below for a demo or to start a trial.
