Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
platform
active.directory
adsi
adsi.iis-admin
base
com_ole
complus_mts
component_svcs
database
directx
gdi
graphics_mm
internet.client
internet.server
internet.server.isapi-dev
localization
mapi
messaging
msi
mslayerforunicode
multimedia
networking
networking.ipv6
sdk_install
security
shell
telephony.tapi_2
telephony.tapi_3
telephony.tsp
telephony.wte
tools
ui
ui_shell
win_base_svcs
win16
  
 
date: Mon, 5 May 2008 12:59:28 -0700 (PDT),    group: microsoft.public.platformsdk.networking        back       


schannel app    
All:

I work for an application-service provider.. sort of... anyway.  One
of our many applications is actually a TN3270/telnet application which
has hooks into a microsoft DLL to tunnel/encrypt the user traffic over
SSL.  So on the network, we see encrypted packets destined to/from
port 443.

This traffic hits a load-balancer that offloads the SSL encrypt/
decrypt process.

We are having an issue where, it seems, everything a single user does
(like just login, or pull up a VT100 screen) ends up launching 8-12
TCP connections.  Over the course of a day 160 users launched upwards
of 90000 tcp sessions.

We have many thousands of users that use this application.  Needless
to say, this is starting to cripple our load balancer.

Its my belief.. as an ex-programmer from a decade+ ago, that for the
duration a user is logged into this app there should be a single TCP
session.

Does anyone know why this might be occuring or if there is someway of
fixing this?  I am speaking in the broadest possible terms here
because I am a network engineer, not a programmer.

Thanks for your help.

Derick
CCIE 15672
date: Mon, 5 May 2008 12:59:28 -0700 (PDT)   author:   unknown

Re: schannel app    
Couple of thoughts; Kinda sounds like the connection is not being closed 
when the app is terminated.  I have had a similar issue where a passive 
listener would daily use all of the ports on the server.  It turns out that 
the provider does not close the session connection when it times out.  The 
solution was to implement keepalives.  If one sends a keepalive packet and 
connection has been orphaned, one receives a 10054 error (at least in c#). 
On the error, brutally close the socket connection.
  If one app is opening 8-12 tcp sessions, and not closing them, I would 
question the design of the app, but I know nothing of app.  Maybe there is a 
reason for this many sessions.  But they should be cleaned up when the app 
terminates.

 wrote in message 
news:9b3f4dc2-393b-4f72-b889-bb89fd9631f8@d45g2000hsc.googlegroups.com...
> All:
>
> I work for an application-service provider.. sort of... anyway.  One
> of our many applications is actually a TN3270/telnet application which
> has hooks into a microsoft DLL to tunnel/encrypt the user traffic over
> SSL.  So on the network, we see encrypted packets destined to/from
> port 443.
>
> This traffic hits a load-balancer that offloads the SSL encrypt/
> decrypt process.
>
> We are having an issue where, it seems, everything a single user does
> (like just login, or pull up a VT100 screen) ends up launching 8-12
> TCP connections.  Over the course of a day 160 users launched upwards
> of 90000 tcp sessions.
>
> We have many thousands of users that use this application.  Needless
> to say, this is starting to cripple our load balancer.
>
> Its my belief.. as an ex-programmer from a decade+ ago, that for the
> duration a user is logged into this app there should be a single TCP
> session.
>
> Does anyone know why this might be occuring or if there is someway of
> fixing this?  I am speaking in the broadest possible terms here
> because I am a network engineer, not a programmer.
>
> Thanks for your help.
>
> Derick
> CCIE 15672
>
>
date: Tue, 6 May 2008 15:05:29 -0000   author:   Steven

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us