RobertP (New Member, joined Jan 20, 2024, 3 messages)
I have a need to network two very large desktops together, both running Win 10 Pro 22H2, both fully updated. They are both X570 machines, both overclocked AMD Ryzen 9 5900X, both with 64Gb of 3600 CL18, (2x32, 4x16), one with an RX6950 XT, the other with a plain old RX600. Storage is Seagate Firecuda 530 system disks, 4Tb on one, 500Gb on the other, and 16 x 4Tb Toshiba N300 NAS drives. One board runs 8 Toshiba drives in two RAID 0 arrays off the onboard chipset controller (one live, one backup), with a further 16TB (4x4) of Seagate Expansion external USB disks (really Seagate DM004 video surveillance drives) as very reliable external backups. The other board has an Adaptec 7805 with a further two 4 spindle arrays of the same Toshibas. I need to build a watertight network to hump lots of data around the place, and I'm talking TB's here, not just 200-300 Gb's. A four spindle Toshiba array can happily read and write in the 600-850 MBs range depending on file size (2+GB video files go at closer to 900MB/sec), so nothing less than a 10 Gbs LAN will do.

One machine has a 10 GBs LAN on the board, the other a 2.5Gbs Realtek chip, soon to be replaced with Link Removed. Both machines also have Intel AX200 Wi-Fi 6 chips on board. I have identified Link Removed which seems to satisfy my needs; room for 2x10Gbs desktops, and also room for my current 1130 Mbs internet connection to double again! So it all seems sorted, yes? Oh no, not by a long way! The hardware is simple and straightforward, Cat 7 and RJ45 throughout with no hideous SFP's to overheat, and PCIE-3 x 2 lanes gives around 15.6 Gbs, enough for my needs. Indeed, with the RAID arrays limited to say 850 MB/sec, I'm using 70% of the available bandwidth which should keep the internet speeds at least respectable. No problems in terms of CPU power, then, no shortage of memory, so what is the problem?

Well, I thought I'd use an old 1 Gbs switch to test the topology, which works just fine; a new 10Gbs port and that switch are really just cosmetic changes. Shares were established and recognized OK, but could I access them? Could I? Hell no. Both ethernet adaptors have fixed addresses, but no way could I persuade credentials manager to let me in, in either direction. So I ran sfc /scannow to clean things up, then DISM with /restorehealth, deleted all existing windows credentials on both machines and then put them all back in. Still no joy. So next I shut down credentials manager on both machines, and got as far as being able to view the shares on the target machine, but a credentials request came through as I opened any share. Switch off NordVPN, no change. Check Comodo and both fixed IP's are sitting there in the local network. What next? First junk that switch and think again.

How many of you remember the bad old days (Windows 3.11) when you could directly cable two machines together? Serial ports are long gone, of course, but where there's a will there's a way. Set the WIFI on both machines to fixed addresses, then disconnect the ethernet from the Virgin router once all four fixed addresses are reserved in the router. Shouldn't need to do it for the ethernet controllers, because they should not need either DHCP or DNS, but I did it anyway. First problem, NordVPN does not work very well with fixed IP wireless. Turn it off and consider that later, because the wireless works fine without it, and COMODO is more than happy, which means I'm safe enough. Next run some CAT 7 between the two ethernet ports (don't need a crossover because modern chipsets do it automatically as needed), and set up each on IPV4 with the host machine pointing at the other as its gateway. Then you have to move on to the advanced tab, and uncheck metrics, setting them to 2. For the wireless chips, just edit the metric to 1, or your internet will become problematic and jerky, and there is a noticeable DNS lag. As a matter of interest, it mattered not whether I used COMODO, NordVPN or Virgin DNS servers, the lag was ever present.

Now, the smart ones among you will recognize that this little two machine network actually has three gateways, and we're all told in kindergarten that you simply cannot do this, no sir, not at all. First rule of a network is only one gateway. But this worked, well, after a fashion. The ethernet ports synchronised at 2.5Gbs, and I was able to copy from Box1 to Box 2, but for some strange reason not Box 2 to Box 1. I'd set the shares up with full control and that is what I got. I've ALWAYS run my machines using the Administrator account (please, this is not the time to debate that issue), and they seemed happy enough to talk to one another. So I have no credentials manager anymore, a one way network that seems stable, and at last no requests for credentials. So I used AOMEI to back up both systems (I'm a careful soul) and cranked up NordVPN on both machines. I love Nord, they've never let me down before, but when the system was up and running again, what did it do? Convert my latest creation into a 20MB's wireless network. I assume this is because they've applied the metrics to all networks and not just internet connectivity as the book says should be done.

So, after an eventful twelve hours today, I restored those backups and decided to ask for your help. This is so close; apart from NordVPN. I need a little help to get this rig to be bi-directional, then I can hammer NordVPN for a solution. I don't suppose the boys from Redmond will be very happy either, but it's their mess we all have to deal with every day. Credentials manager has never worked properly since Windows 7, and since they decided to place security way in front of connectivity neither has home networking. Any thoughts as to why this actually works at all, and what might make it bi-directional? Because if I could find a way to keep NORDVPN from using the wireless chips as a network, other than by reversing the metrics (which really hits real-life speeds), then I could live with a uni-directional network. Always supposing it works when I wake up tomorrow.

The sad thing is, I know this shouldn't work at all, and I still don't know how I got sustained 300MB/sec transfers earlier today. But I did, so it's got to have some merit. Any thoughts you can spare would be gratefully accepted.
 

It seems like you have put a lot of effort into setting up your network and troubleshooting the issues you have encountered. I can understand your frustration with the credentials manager and networking on Windows. I'll try to provide some insights and suggestions to help you achieve a bi-directional network and address the NordVPN issue.
1. Credentials Manager: It can be tricky to ensure proper authentication between Windows machines on a network. Here are a few suggestions to troubleshoot the credentials issue:
- Ensure that both machines are part of the same Workgroup or Domain. You can check this in the Control Panel under System settings.
- Double-check that the username and password used to access the shared folders are correct and have the necessary permissions.
- Try creating a new user account on both machines specifically for file sharing purposes and test if that account can access the shared folders.
2. Networking Configuration:
- Since you mentioned having fixed IP addresses for your machines, make sure that the IP addresses of both machines are in the same subnet (e.g., 192.168.1.xxx).
- Double-check that the subnet mask is also the same on both machines.
- Verify that your machines are in the same workgroup or domain.
3. NordVPN Issue: NordVPN might interfere with the network configuration and metrics. Here are a few things you can try:
- Check if NordVPN has an option to exclude specific networks or interfaces from its VPN tunneling. If so, you can exclude your local network from being routed through NordVPN.
- Temporarily disable NordVPN and see if the bi-directional network works without it. This will help confirm if NordVPN is causing the issue.
- Contact NordVPN support for more specific guidance on configuring their software to work with a multi-interface network setup like yours.
4. Alternative Network Solutions: If you continue to encounter issues, you might consider alternative network solutions, such as:
- Using a dedicated network-attached storage (NAS) device with built-in file sharing capabilities. This would remove the need for direct networking between your two machines.
- Exploring other VPN solutions that might handle multi-interface setups more effectively.
Remember to double-check the configuration settings, such as DNS server, subnet mask, gateway, and workgroup/domain, to ensure they are consistent across both machines.
Overall, troubleshooting networking and credentials issues can be complex, and the solutions provided might not immediately resolve all your problems. It may require some trial and error to find the optimal configuration for your specific setup.
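
A read-only check for the two-adapter layout discussed in this thread, added here as an example and not posted by any participant: it reports which interface Windows routes the other PC through, every default route with its effective metric, and whether inbound SMB is allowed on the direct link. `Test-DirectLink`, `$PeerIp` and `$LinkAlias` are hypothetical names with placeholder values, and the firewall group name assumes an English-language Windows install.

```powershell
# Added example: run in PowerShell on each PC. It changes no settings.
# $PeerIp and $LinkAlias are placeholders (assumptions); use your own values.
$PeerIp    = '10.10.10.2'   # assumed address of the other PC's wired port
$LinkAlias = 'Ethernet'     # assumed alias of the direct-link adapter

function Test-DirectLink {
    param([string]$PeerIp, [string]$LinkAlias)

    # Route Windows really uses for the peer: longest prefix wins, then the
    # lowest RouteMetric + InterfaceMetric. Find-NetRoute returns an address
    # object and a route object; keep the route.
    $chosen = Find-NetRoute -RemoteIPAddress $PeerIp |
        Where-Object DestinationPrefix | Select-Object -First 1

    # Every IPv4 default route, best first. A gateway configured on the
    # direct link shows up here as an extra entry.
    $defaults = Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue |
        Select-Object InterfaceAlias, NextHop,
            @{ n = 'Effective'; e = { $_.RouteMetric + $_.InterfaceMetric } } |
        Sort-Object Effective

    # A link with no reachable gateway is usually "Unidentified network" and
    # gets the Public firewall profile, where inbound SMB is normally blocked.
    $netProfile = Get-NetConnectionProfile -InterfaceAlias $LinkAlias

    # Windows Firewall rules only; a third-party firewall filters separately.
    $smbRules = Get-NetFirewallRule -DisplayGroup 'File and Printer Sharing' |
        Where-Object {
            $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' -and
            $_.DisplayName -like '*SMB-In*' -and
            "$($_.Profile)" -match "Any|$($netProfile.NetworkCategory)"
        }

    # Outbound reachability of the peer's SMB port from this PC.
    $probe = Test-NetConnection -ComputerName $PeerIp -Port 445 -WarningAction SilentlyContinue

    [pscustomobject]@{
        RouteToPeerVia    = $chosen.InterfaceAlias
        UsesDirectLink    = $chosen.InterfaceAlias -eq $LinkAlias
        DefaultRoutes     = ($defaults | ForEach-Object {
                                "$($_.InterfaceAlias) -> $($_.NextHop) [$($_.Effective)]" }) -join '; '
        LinkCategory      = $netProfile.NetworkCategory
        InboundSmbAllowed = [bool]$smbRules
        PeerPort445Open   = $probe.TcpTestSucceeded
    }
}

Test-DirectLink -PeerIp $PeerIp -LinkAlias $LinkAlias | Format-List
```

Comparing the output from both PCs shows which direction is blocked: the side whose peer reports `PeerPort445Open : False` is the one refusing inbound SMB, and `UsesDirectLink : False` means the copy is not going over the cable at all.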
 

Solution
I can honestly say I've never tested such a setup... I expect you are right and it just doesn't work because it's not designed to

The closest I ever got on a fast data share was a home Hyper-V server running to v-copies of my actual hardware, but the lack of GPU [in my case] was not worth the trade-off
 

You bring up an excellent point—often in niche setups or advanced configurations, the issue lies less with bugs and more with intended limitations or designs that don’t align with specific use cases.
For context: if you were working in a Windows 10 Pro environment, trying to authenticate credentials across shared resources or complex setups (like network shares, credential management across VMs, or shared drives), you're likely encountering restrictions or friction points in Windows that weren’t designed for streamlined functionality in these situations.

1. Windows Credentials and Why They Can Be Fussy

Windows 10 manages credentials using the Windows Credential Manager, but it often struggles in advanced settings because:
  • Cross-Session Authentication Limitations: Credentials stored for one session (or user) might not apply properly across VMs, Hyper-V, or RDP sessions.
  • Kerberos vs NTLM: If network environments are mismatched between Kerberos (Active Directory) and NTLM (older authentication protocols), connection handshakes may fail.
  • Cached Credentials: Windows often creates cache issues when authenticating a resource that it “remembers” incorrectly. This leads to failed logins unless manually corrected.

2. Why Your Setup Could Struggle

From what you described—using a Hyper-V server for fast data sharing—it’s clear you were pushing the envelope of typical home-use setups, especially with virtual machine management and trying to resolve performance trade-offs like GPU passthrough.
Key Challenges You Likely Hit:
  • GPU Passthrough: Hyper-V lacks robust GPU passthrough for many use cases compared to competing hypervisors like VMware or Proxmox. Without native hardware acceleration, virtualized environments often compromise performance for applications requiring advanced graphics.
  • Hyper-V Credential Sharing:
    • Hyper-V virtual machines are isolated by design for security reasons, meaning native sharing of credentials between the host and guest VMs is deliberately restricted.
    • Built-in options like Enhanced Session Mode allow for some passthrough of clipboard, drive sharing, etc., but they don’t fully resolve broader credential-sharing issues.

3. Alternative Solutions and Trade-Offs

If you’re revisiting a similar setup or curious about improving credential handling and hardware utilization, here are some ideas:

A. Use RDP with Credential Setting Adjustments

For connecting between VMs or systems:
  • Enable Credential Delegation to allow passthrough for saved passwords:
    • In Group Policy Editor (gpedit.msc), navigate to:
      Code:
       Computer Configuration > Administrative Templates > System > Credentials Delegation
    • Enable Allow delegating saved credentials.
    • Add your target server names or wildcard entries (e.g., ServerName or *.yourdomain.com).

B. Explore Proxmox or VMware for GPU Passthrough

Hyper-V isn’t the best at GPU passthrough, but virtualization platforms like:
  • VMware Workstation/ESXi: Has better support for GPU passthrough in guest VMs.
  • Proxmox VE: Free and more feature-rich for tasks like PCI passthrough or data-sharing among host/guest environments with GPUs enabled.
Both options offer robust alternatives when GPU performance is essential.

C. Streamline Credentials for Network Shares

If you're grappling with network share authentication:
  1. Use a Local Credential Saving Approach:
    • Open Control Panel → Credential Manager → Add a Windows Credential.
    • Enter the IP or hostname of the shared resource (e.g., \\192.168.1.100), username, and password.
  2. Force NTLM or Kerberos:
    • For mismatched authentication protocols, try editing Group Policy or the system registry to enforce either Kerberos or NTLM consistently.

4. Why Microsoft Designs It This Way

Microsoft's solutions (especially Hyper-V or Windows Sharing) prioritize security and reliability over performance in many areas. This often leads to frustrating limitations:
  • Virtualized environments protect themselves by isolating systems rather than prioritizing convenience.
  • Credential management focuses on corporate-centric AD/Group Policies rather than home power-user or niche setups.

Final Thoughts

Your experience highlights a common frustration—pushing consumer or prosumer-grade tools (like Hyper-V or simple credential sharing solutions) into enterprise-esque workloads tends to reveal the gaps between "designed to work this way" and "can be hacked to function." Exploring alternative tools/platforms can help avoid these limitations in the future.
If you’re revisiting such a setup or exploring new ideas, feel free to share more about the workload you’re optimizing for—I’d love to recommend approaches tailored to your needs! 😊
 
