13 Tips for Optimizing Internet Information Server

TAKE YOUR PICK OF IIS PERFORMANCE BOOSTERS­IIS CONFIGURATION, WINDOWSNT AND TCP/IP TIPS, AND MORE!

Whether you administer a small, corporate intranet or a high-bandwidthInternet site, knowing how to optimize Microsoft's Internet Information Server(IIS) Web server software can affect the success of your project. Microsoftreleased IIS 1.0 in early 1996 as an add-on to Windows NT Server 3.51. Sinceversion 1.0, IIS has grown into a stable, scalable environment for intranet andInternet Web-serving. NT ships with IIS 2.0. (For more information about IIS2.0, see Stephen Genusa, "Serving Up Internet Information," October1996, and the Windows NT Magazine Lab's "Web Server SoftwareRoundup," September 1996.) Microsoft recently released IIS 3.0, whichincludes the Active Server Pages execution environment that lets you run ActiveXScripts and ActiveX Server Components on the server. You can download IIS 3.0from Microsoft's Web site at http://www.microsoft.com/iis. Although much of IISis self-tuning, the product provides configuration options that you can use totune IIS for maximum throughput. Most IIS configuration options are availablethrough the IIS administrative interface, Internet Service Manager, but somerequire changes to the NT Registry. Let's look at several tips for optimizingIIS performance.

Tip 1:
Choose the Right Server Hardware andConfiguration
Pentium-based servers will perform well as IIS servers. IIS runs on MIPS,PowerPC, and Alpha processors, but these machines are more expensive, and Intelversions usually are released before other platforms' versions.

Determining the proper amount of memory depends on what other applicationsyou plan to run on the server. If IIS is the only application, 32MB is probablyenough memory. However, if you plan to run other applications such as SQL Serveror connect to other databases via Open Database Connectivity (ODBC), you'll needa minimum of 64MB of memory for optimal performance. Disk space will varydepending on the size of your Web site. After installing IIS, you can use NT'sPerfmon to help determine the proper hardware requirements to locate anybottlenecks in the system, such as processor utilization, network throughput,and disk access times.

Tip 2:
Use Fast Internet Connections
As with any Web server, IIS's performance depends heavily on the speed ofyour Internet connection. To attach your site to the Internet, an InternetService Provider (ISP) provides you with a network cable. In the US, theseleased connections vary in speed from 56Kbps (with Integrated Services DigitalNetwork--ISDN--or Frame Relay) to 45Mbps (with a T3 connection). Small IIS sitesneed at least an ISDN Basic Rate Interface (BRI--64Kbps to 128Kbps) on anEthernet or Token-Ring backbone. Anything less than ISDN on even a small sitewith a couple of users will quickly consume all your bandwidth and slow downloadtimes to a crawl. Large sites, such as Microsoft's, have up to eight 45Mbps T3lines on 100Mbps Fiber Distributed Data Interface (FDDI) backbones to supportmillions of daily connections.

Tip 3:
Set Up the System as a Standalone Server
When you install NT Server, you can designate it as a Primary DomainController (PDC), Backup Domain Controller (BDC), or standalone server. Formaximum IIS performance, set up your IIS server as a standalone server dedicatedto performing only IIS functions, so it doesn't use additional system resourcesto perform network logon requests. If you have multiple servers, let the serverparticipate in a domain but not as a domain controller. This way, you candistribute user accounts among the servers in the domain for easier accesscontrol and administration.

Tip 4:
Use NT Server's DNS Round-Robin Feature
A great addition to NT Server 4.0 is the new Domain Name System (DNS)service. The graphical interface will shave hours off setting up a new DNSserver and let you manage multiple servers from one interface. To help your siteaccommodate future processing needs and increasing Internet/intranet traffic,NT's DNS service performs a round-robin function. An administrator can add aseries of identical A (host) records in Domain Name Service Manager to create apool of addresses pointing to different physical servers. This virtual routerapproach lets you distribute the processing and traffic load across multipleservers, while providing a fault-tolerant environment in case one server fails.

To create a round-robin pool, add new host records ( i.e., www andftp records) in NT's Domain Name Service Manager for each server and IPaddress. Screen 1 shows a sample round-robin pool. After adding the records, youcan use the ping command with the host name to display an alternating pool ofaddresses (more about ping in Tip 11).

When you use the round-robin approach to distribute network traffic acrossmultiple servers, you also face synchronizing the peer servers' content. Contentis the data available on your IIS server and can include HTML, FTP, or Gopherfiles. Synchronization methods include using FTP, batch processing, or directoryreplication to distribute the same content to your Web servers. Microsoft'slatest NT content-distribution solution is the Content Replication System, whichis part of Microsoft's Com-mercial Internet System (CIS­previouslyNormandy). CIS is a suite of applications including Conference Server,Personalization System, and Merchant Server. Designed as a fault-tolerant,scalable solution, the Content Replication System can distribute and synchronizedata across a range of network sizes--from small LANs to large globalinformation networks with dozens of distribution servers. Microsoft plans torelease the Content Replication System in the second quarter of this year. Youcan find more information about it and other CIS components at http://www.
ms-normandy.com/.

Tip 5:
Use NT's Disk Defragmentation
Another way to help IIS perform better is to use a third-party diskdefragmentation utility, such as Executive Software's Diskeeper or Symantec'sSpeedDisk. In NT 4.0, Microsoft added disk defragmentation code to the Win32 APIto eliminate file fragments and reduce the amount of disk access by theoperating system. File fragmentation occurs when files on a disk are notcontiguous but are broken up and scattered at different physical locations onthe disk. Defragmenting can substantially boost performance, especially onservers with many relatively small files--typical for Web servers. Diskeeper isavailable for both NT 3.51 and 4.0, but SpeedDisk requires NT 4.0. Bothutilities have a lot of features and can operate as background applications.(See page 50 for a review of Diskeeper.)

Tip 6:
Use IIS 2.0 or 3.0
IIS 2.0 and 3.0 are much faster than IIS 1.0 and include many enhancements.Microsoft claims that versions 2.0 and 3.0, which both require NT 4.0, are 40percent faster than IIS 1.0. A comparison rating of these versions is availableat http://www.microsoft.com/iis.

Tip 7:
Change IIS Log and Bandwidth Settings
Internet Service Manager, IIS's graphical administration interface, includestwo properties that affect IIS performance: the log settings and the bandwidthsetting. When configuring IIS logging via Internet Service Manager, you caneither log to a file (network connection information is written to a file) orlog to an ODBC system data source (connection information is written to adatabase); file logging is faster.

When file logging is in effect, IIS receives connection requests and storesthem in a memory buffer with a default size of 64KB. You can change this size inthe Registry: the higher the setting, the less disk activity for logging(filling the buffer takes longer) and thus, better performance. If you want morerealtime logging information at the expense of performance, you can lower thesetting, causing the buffer to flush more frequently. When you shut down theserver, the information in the file-logging buffer is flushed to disk so thatlog data isn't lost. (For information about file logging, see Microsoft'sKnowledge Base article Q142557, available via http://www.microsoft.com orMicrosoft TechNet.)

You can set log file buffer size in the Registry's HKEY_LOCAL_MACHINE hiveas follows:

HKEY_LOCAL_MACHINESystem

CurrentControlSetServices

InetInfoParameters

Subkey: LogFileBatchSize

Be careful when you make changes to the Registry; an incorrect entry canprevent the machine from booting or force you to reinstall NT. (For informationabout setting the log file buffer size and other IIS Registry settings, seeMicrosoft's Knowledge Base article Q143180.)

Another way to obtain realtime connection information is by logging to anODBC data source. Logging to an ODBC database such as SQL Server or Accesswrites connection data to the database in realtime, so the data is alwayscurrent. Of course, this approach greatly slows system performance andthroughput. If you don't require realtime data, use file logging and raise thebuffer level to decrease disk activity.

The second important property in IIS's Internet Service Manager is thebandwidth throttle, located under the Advanced tab on the WWW Service Propertiesdialog box (as shown in Screen 2). By default, this parameter is turned off sothat all IIS services have access to the maximum available bandwidth. Sitesrunning a small intranet can lower the throttle setting to prevent IIS fromconsuming all network resources or possibly overloading slower bridges orrouters. For example, a typical small, corporate intranet site running onEthernet can reduce this value to 1024 to ensure that IIS services consume nomore than 10 percent of available bandwidth. Sites dedicated to providingInternet services must keep this throttle disabled to transmit data at themaximum bandwidth, and ensure the best Web server performance.

Tip 8:
Change the MemoryCacheSize Registry Setting
Most Registry settings are self-tuning, but you can adjust the MemoryCache
Size setting to improve IIS perfor-mance. MemoryCacheSize caches all filehandles, directory listings, and large binary objects; by default, it's set at3MB. Sites with many files can set MemoryCacheSize to a higher value, dependingon available system memory. You must use the Registry editor to change theMemoryCacheSize value (for more information about setting the memory cache size,see Microsoft's Knowledge Base article Q143180).

NT Perfmon includes a powerful tool to help determine whether yourMemoryCacheSize setting is adequate. After starting Perfmon, locate the IISGlobal object (as shown in Screen 3). Set the counter to Cache Misses to analyzethe number of times a file open, directory listing, or binary object request wasnot found in the cache. A high number of cache misses means IIS is spendingvaluable clock cycles looking for objects; a low number means your cache iseffective at the present value. Other Internet Information Services GlobalObject counters let you analyze the amount of cache in use and the cache'seffectiveness.

Tip 9:
Use SSL Encryption Sparingly
The Secure Sockets Layer (SSL) data security protocol encrypts informationas it travels across the Internet; IIS lets you use SSL encryption via the SSLKey Manager. The information you send across the Internet is transmitted asclear text. Thus, a hacker can easily intercept TCP/IP packets, reassemble them,and read the information they contain.

You can use IIS's SSL encryption, but be choosy about what you encrypt (forinformation about using IIS's SSL encryption, see "Serving Up InternetInformation"). Force a Web browser into SSL mode only when you'reretrieving data that must be encrypted for security reasons, such as credit cardnumbers and personal information. (You can tell when your browser is in securemode; look for a lock-key icon in the lower right corner of Internet Explorer orNetscape Navigator.) Don't encrypt large objects such as graphics files; thisprocess can create a substantial overhead for both Web server and browser.

Tip 10:
Convert CGI Executables to Runtime DLLs
The Common Gateway Interface (CGI) lets you add dynamic, or interactive,content to Web pages. CGI acts as a gateway between a browser and otherapplications, such as SQL Server databases. This gateway is an executable filethat accepts environment variables via a default stream file interface calledstandard input (stdin) and returns the processed request through the standardoutput interface (stdout). A new process is created, executed, and terminatedfor every request. This interface increases processing time and requires largeamounts of server memory.

A more efficient alternative to CGI is to convert existing CGI executablesinto runtime dynamic link libraries (DLLs)--
compiled, linked-functionlibraries that you can load during runtime. The advantage of using runtime DLLsis that you can load them into the same memory address space as IIS and run themunder the same process as the HTTP server. Runtime DLLs make IIS's response timequick because the server doesn't have to create, execute, and remove a processfrom memory for every request it receives.

IIS lets you preload certain DLLs--ActiveX components (formerly called OLEAutomation Servers)--to speed response time and unload others to conserve serverresources. You can create ActiveX components in several programming languages,including Visual Basic 4.0 Professional and Enterprise Editions, Delphi, andVisual C++. (For information about creating ActiveX server components, seeModule 3 of the tutorial documentation that ships with IIS 3.0.) You must codecarefully and use adequate error handling when using runtime DLLs or ActiveXcomponents in a program. Programming errors can lead to performance degradationor even IIS crashes. Thoroughly test and debug complex ActiveX components beforeputting them into production.

TCP/IP Tips
ou can improve IIS's performance by tuning TCP/IP, the protocol that Webservers communicate with. Tuning TCP/
IP is especially important if yoursite is interconnected via multiple servers with separate IP addresses; tuninghelps reduce the time servers take to determine communication paths. Tips 11 and12 work only in environments with static IP addresses; that is, the IP addressesassigned to the servers are dedicated, and the servers don't use Dynamic HostConfiguration Protocol (DHCP) or BOOTP to obtain addresses during the bootprocess.

Tip 11:
Permanently Cache MAC Addresses
The starting point for optimizing TCP/IP is to cache the Media AccessControl (MAC) address of the destination host computer (the MAC address is theunique address that the manufacturer burns into a LAN adapter). When the IPstack encapsulates a data packet destined for another host computer, it mustknow the MAC address of the packet's destination. TCP/IP uses the AddressResolution Protocol (ARP) to determine the MAC address associated with aspecific IP address.

Before you can cache a destination MAC address, first use ping to make surethe destination system is connected to the network. At the command prompt, enter

ping hostname
or
ping IP address

If your server and the destination host areproperly connected to the network, from the destination host, you'll get aresponse similar to the following:

Pinging 130.30.0.8 with 32 bytes of data:
Reply from 130.30.0.8: bytes=32 time<10ms TTL=128
Reply from 130.30.0.8: bytes=32 time<10ms TTL=128
Reply from 130.30.0.8: bytes=32 time<10ms TTL=128
Reply from 130.30.0.8: bytes=32 time<10ms TTL=128

Next, to determine the MAC address associated with a specific IP address,use the ARP utility. Enter

arp -g

at the command prompt to display the information shown in Table 1a.The MAC address of node 130.30.0.8 has a physical hardware address of02-07-01-19-d5-56. If the IP address had been on a different subnet, thehardware address would be the address of the router linked to the destinationhost, not the host. The type is dynamic, which means node 130.30.0.8's MACaddress will be flushed from the cache if not used again within 2 minutes.Otherwise, it will still be flushed after 10 minutes.

You can configure the time a MAC address is stored in the ARP cache (calledcache aging) in the Registry (you need NT 3.51 with Service Pack 4 or NT 4.0).The ARP cache is a small section of memory in which TCP/IP stores IP addressesand their associated MAC adapter addresses. Because the ARP cache is always thefirst place ARP looks to resolve an IP address, permanently storing theseentries in the cache prevents the server from having to send a broadcast packetto resolve IP addresses. This process eliminates wasted (i.e., broadcast)packets and improves network communications by producing packets directed onlyto a specific address rather than the entire network. You can permanently storethe MAC address in the ARP cache by using the -s parameter, as follows:

arp -s 130.30.0.8 02-07-01-19-d5-56

The -s parameterstores the MAC address in the cache permanently, or until you restart themachine. After adding the MAC address into the cache permanently and thenentering the command

arp -g

you'll notice the type is now static: The MAC address won't beflushed from the cache, as Table 1b shows.

To boost performance and reduce the number of broadcasts, cache the MACaddresses of host computers the IIS server regularly interacts with, such as SQLServer databases on different host systems. Permanently caching certainaddresses minimizes server-to-server communications time--the amount of time aserver takes to process a user request, execute the request (which may involvecommunications with other servers such as SQL Server databases), and return aresponse to the user.

Tip 12:
Adjust TCP/IP Window Size
Adjust the TCP/IP window size to tune TCP/IP and improve IIS performance.Microsoft's implementation of TCP/IP uses an algorithm called sliding windows.Sliding windows transmit a specific number of packets defined by the window size(the default is 8) and wait for an acknowledgment (ACK) from the destinationhost. When it receives packets, it sends an ACK to notify the source host aboutwhich packets it received. If the destination host didn't receive a particularpacket--for example, packet 5 of the eight packets sent--the source host slidesthe window (number of packets to send) to packet 5, which then releases packets9 through 12. The server waits until a timeout period expires to retransmitpacket 5. The window won't slide past packet 5 until it receives an ACK forpacket 5. This method ensures delivery of all packets across unreliable networkssuch as the Internet.

For a multiserver Web site that's clustered on one physical LAN segment,increasing the TCP/IP window size can be especially beneficial because it putsmore data on the physical layer, thus shortening the ACK wait time. Increase thewindow size only when communicating across reliable networks, such as a LAN.Sites located across one or more routers must keep the default window size ofeight because the routers could drop packets, causing the source host to wait todetermine whether to retransmit packets. You can configure the default windowsize in the Registry (for information about setting this entry, see MicrosoftKnowledge Base article Q120642).

Tip 13:
Use Analysis Tools
You can analyze your IIS server's performance with a tool such as WebStone2.0, the current industry standard for measuring Web server benchmarkperformance. Developed by Silicon Graphics (SGI), WebStone is available for NTand UNIX platforms. You can download it for free from http://www.sgi.com.WebStone lets a series of clients simulate hundreds or thousands of requestsover a configurable amount of time. You can configure WebStone to requeststraight HTML, CGI, or Internet Server API (ISAPI) applications.

To further fine-tune NT server operations, take advantage of the manycounters available in Perfmon under the IIS Global object, as mentioned in Tip8. Monitoring and fine-tuning your servers and network will help to ensure thatyour IIS-based Web site operates at peak efficiency.