I have Windows Server 2012 r2, Hosting multiple websites on http and https protocols.
when the current connections reach 26000 the https is not served although the http is serving normally .
After the 36000 connections the http also is not serving any website.
also the lsass process takes about 20 to 25 percent of the cpu staring from 26000 connections.
is there a way to increase the number of connections served or do I need another server behind load balance.
I changed the SSL certificate RSA key size from 4048 to 2024 and it works just fine .
The reason that the processor take too much calculations to encrypt and decrypt bigger key size.
Related
I am setting up load test for SaaS platform.
I want to benchmark 20 clients connect to SaaS Platform and push some data.
Each client can send maximum of 2 MB and average of 200 Bytes data to SaaS endpoint.
Which one testing is better setting up 20 Clients on single machine or setting up 20 Clients on 5 different machines?
I want to know from TCP stack point of view?
Now when we run 20 clients in a single machine, it will create connection to same destination address and destination port but 20 different Source Ports.
However in background will it use same TCP connection to push data of 20 clients?
From "TCP stack" point of view one "client" == one "connection". If the server doesn't have any background logic to check source IP address in order to restrict requests rate - you can go for a single machine.
See Connection establishment for more information.
In general you need to mimic real life usage of the SaaS platform by end users (or upstream/downstream systems) as close as possible so carefully choose a load testing tool which can produce the same network footprint in terms of creating connection, re-using it and keeping it alive
I'm stumped by a very strange behavior on my machine.
Trying to port a Remoting application to WCF I wanted to implement a "one proxy per server call" scheme (like proposed here).
I went for a standard net.tcp binding and noticed that the first (and now, only) call for each proxy was incredibly slow: opening the client channel took about 2 seconds!
At first I thought it's because of the default transport security for net.tcp bindings, but switching to Security.None didn't bring any improvement.
After lots of tests I found out that basicHttp binding was about 1000 times faster: opening the channel took about 2 ms!
Then I tried playing around with the service URI. For my tests both server (self hosted) and client were on the same machine (in fact even in the same process).
In the beginning I used "net.tcp://localhost:Port/..." and got 2 seconds for opening the channel.
Just out of curiosity, because I'm working over an RDP connection via VPN, I tried my machine's explicit hostname "net.tcp://myworkmachinehost:Port/..." and now it took 4 seconds to open the channel!
Finally I tried avoiding name resolution and used "net.tcp://127.0.0.1:Port/..." and suddenly everything was blazing fast: Opening the channel took a mere 2 ms!
A colleague of mine got the same 2 second delay with "localhost" on his machine (not working from remote). Using his hostname also gave 2 seconds and using the IP address was fast as well.
With basicHttpBinding there's no performance difference in how we specify the service URL.
Calling "nslookup myworkmachinehost" immediately returns my IPv4 address, so name resolution itself also seems to be fast.
Apart from modifying the server address on client side I also tried all possibilities with the server with very strange results.
Server endpoint address net.tcp://0.0.0.0:Port...
Client URL 127.0.0.1:Port: 6 ms
Client URL localhost:Port: 2005 ms
Client URL myworkmachinehost:Port: 4007 ms
Server endpoint address net.tcp://127.0.0.1:Port...
Client URL 127.0.0.1:Port: 6 ms
Client URL localhost:Port: 20135 ms
Client URL myworkmachinehost:Port: TIMEOUT after 10 s
Server endpoint address net.tcp://localhost:Port...
Client URL 127.0.0.1:Port: 5.5 ms
Client URL localhost:Port: 1.5 ms
Client URL myworkmachinehost:Port: 1 ms
Server endpoint address net.tcp://myworkmachinehost:Port...
Client URL 127.0.0.1:Port: 8 ms
Client URL localhost:Port: 2 ms
Client URL myworkmachinehost:Port: 1.5 ms
How can this be and what can I do to further analyze this situation?
Thanks in advance...
I'm using Squid 3.5 on windows 2012 server and I want to know how many DNS requests my server makes.
Some more details:
I suspect it makes a dns query on every request and produces a slightly added latency that could be avoided.
Is there any means of finding out this info? I have tried squidclient mgr:5min and it shows how long dns requests take on average, but doesn't show the count.
My dns.median_svc_time reads 0.025624 seconds, and it's fine as long as it caches those responses, but if it's 25 msec added to every request, then this is totally unacceptable.
Yes, squid should be able to give you the info you want via cache manager. It provides FQDN stats and a full IP Cache summary (Which I suspect is more what your looking for)
Have a look at the docs here for the fqdn info and here for the full ipcache details, it gives details of what they both mean/provide.
You access these via;
http://localhost/cgi-bin/cachemgr.cgi?host=localhost&port=3128&user_name=&operation=fqdncache&auth=
http://localhost/cgi-bin/cachemgr.cgi?host=localhost&port=3128&user_name=&operation=ipcache&auth=
I noticed that the connecting time for my site is slower than for the other sites that I have tried. 100 - 200 ms.
I am referring to the connecting time on the Network tab (dns lookup, connecting,waiting, etc.)
How can I improve it? Is it just something that is controlled by my host (Webfaction) or can I change some settings? I am the only person on my site at this time. DNS lookup is fast, not sure if that's relevant.
Site opening slow for that there are so many reason or parameter affect.
Bandwidth on server.
traffic on Server in term of request with its data size.
some Network issue like DNS is resolving your query quite slow. (use 4.2.2.2 or 8.8.8.8 DNS server)
Last but not have much probability that some on attack on network of doing flooding.
my suggestion to verify your Server Bandwidth and new HTTP connections per second.
also look that some uploading or downloading is going on or not.
Is there a limit to the number of HTTP ports in a machine. I have a windows application that uses .NET Remoting. Each instance of the application, exposes a Remote object on load, through a HTTP Channel with port 0 (so that port can be decided dynamically). In a Multi user environment, will there be a limit to the number of HTTP Ports.
Thanks in Advance!
Yes there will be a limit to the number of ports available which is 65535 minus the number of ports already in use for existing services (for example, SMTP [25], HTTPS [443], SQL Server [1433], etc).
So on a typical Windows server, a finger in the air calculation would be 65535 - 1024 (the well know service ports <= 1024 which are considered out of bounds) - another 10-20 or so possible other application (SQL Server, MySQL, Oracle, etc). This would leave around 64490 post available.
However will you really be running 64000 of instances of your server?