Quantcast
   
Titan CMS online support, find help and get answers

Improving Performance - ADAM

  • Published:
  • |
  • Version:
 Summary

Active Directory Application Mode (ADAM) is utilized by Titan CMS version 4 to handle all user authentication. As it relates to Titan CMS rendering content, a user requesting a page is first authenticated against ADAM and then authorized to view content based on the security requirements established for that piece of content. 

As a result of authenticating on page requests, it is possible that the default configuration of Windows 2003 and ADAM may be the source of performance issues on high-traffic websites. This article is intended to give information on modifying the default configuration of the Windows IP Stack to enable better performance of ADAM calls.

 Background

Windows 2003 Server has a default IP Stack configuration that only allows client-initiated connections to utilize port numbers less than 5000.  As it relates to Titan CMS, this type of connection is used at the Application level for connecting to ADAM for authentication, and SQL Server for authorization and content retreival. This limitation on port usage applies even when the Application components, ADAM, and/or SQL Server reside on the same physical server.

In addition, Windows 2003 manages the availability of disconnected ports by placing the port number in a wait state. While in this state, the port number can not be reused for a new request. The default configuration of Windows 2003 is to hold that port number for 4 minutes before releasing it for new connections.

In combination, these default settings increase the liklihood of ephemeral port contention under high load situations.  Modifying these settings will mitigate performance degredation risks on a Titan CMS website.

 Instructions

Important: This section contains information on modifing the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

 

Modify Ephemeral Port Range

The default maximum number of ephemeral (short-lived) TCP ports is 5000. To increase the maximum number of ephemeral ports avaialble, follow these steps:

  1. Start Registry Editor
  2. Locate the following key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  3. Add a new DWORD value called MaxUserPort and set the decimal value to 65534 (The default is 5000, valid decimal values range from 5000 to 65534).
  4. Exit Registry Editor, and restart the computer

 

Modify Port Time-Wait Delay

The TCP/IP-state computer dictates that when a connection is closed, the connection is not released until two maximum segment lives (MSLs) have passed. This state is defined as the Time-wait state. Since one MSL is defined as 120 seconds, it takes four minutes for a closed connection to be released in TCP/IP. To decrease the time it takes to release ports, follow these steps:

  1. Start Registry Editor
  2. Locate the following key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  3. Add a new DWORD value called TcpTimedWaitDelay and set the decimal value to 30 (The default is 240, valid decimal values range from 30 to 300).
  4. Exit Registry Editor, and restart the computer
 References

Microsoft Help and Support Article on how to backup and restore the Windows registry.
http://support.microsoft.com/kb/322756/

Microsoft Help and Support Article regarding increasing the range of ports that can be used.
http://support.microsoft.com/default.aspx?scid=kb;[LN];196271

Microsoft Help and Support Article regarding decreasing the wait delay on port availability.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;149532