We have TFS installed in our corporate environment on one domain (corpnet), but we usually access it from a separate developer network (devnet). Devnet is setup to trust corpnet, but corpnet does not trust devnet. Accessing TFS from devnet (via web access or VS) worked absolutely fine before.
I recently upgraded our TFS instance to 2017, and we've noticed that from devnet access to TFS has become unusable, with lots of requests taking upwards of 10 seconds to complete. It seemed slightly better for a few requests once a request had been made, but after a short period the next request would be incredibly slow again. Accessing TFS from corpnet machines was completely fine.
Out IT department have been investigating the issue. I just read this post which made me wonder if we were being affected by this largely undocumented change. I just used TFSConfig Authentication /provider:NTLM /siteType:ApplicationTier to change it back to NTLM and now access to TFS is completely fixed. Sounds like the 'extensive testing' didn't quite cover our scenario.
Team Explorer VS2013 TFS 2010 - TF30063
TF30063 when changing Notification URL
Useful to allow tasks to be 'unassigned'
Cannot add TFS server group to Access Level
unable to see build step logs, tfs 2017