Tune the proxy server process
You can noticeably improve the performance of Caching Proxy by properly setting up and tuning the system. The following are suggestions for improving setup and tuning.
Set performance-related directives
- PureProxy — Disable a dedicated proxy. This feature improves system performance by completely disabling caching.
- ProxyPersistence — Allow persistent connections. This feature enables clients and servers to maintain open connections. Persistent connections decrease the lag time for requests for documents from the proxy server, but require increased network bandwidth and a dedicated server thread for each connection. Do not allow persistent connections if your setup limits the number of available threads.
- Proxy Configuration –> Proxy Performance: Run as a pure proxy
- Proxy Configuration –> Proxy Performance: Allow persistent connections
Examine other applications
- On AIX®: Examine /etc/inittab
- On Linux: Examine /etc/rc.dfor your system's default run level (typically 2)
- On HP-UX and Solaris: Examine /etc/rc.d for your system's default run level (typically 2).
- On Windows systems:
- Click Start –> Control Panel –> Administrative Tools –> Services.
- Review services that are not required but are set to Automatic.
- Change the startup type for those services from Automatic to Manual.
Verify paging space
Ensure that your system has sufficient paging space for proper operation. The system needs twice as much paging space as physical memory. If possible, spread the paging space across multiple physical drives. For example, a Netfinity 5000 server with 512 MB of memory and five SCSI drives needs 1 GB of total paging space with approximately 200 MB on each drive.
Tune the file system
Caching Proxy creates and destroys many files during the operation. If your proxy server records accesses (using the access log, proxy access log, or cache access log), direct the logs to their own file system so that if the logs grow unexpectedly, they do not use space that is intended for another function (such as the cache).
Tune TCP/IP configuration
Caching Proxy is sensitive to changes to TCP/IP configurations. Lowering the TCP/IP values on any operating system might cause the proxy server to perform in an unexpected manner. More specifically, if the TCP/IP values are set too low, connections might be reset by clients that connect to the proxy server or by origin servers to which the proxy connect. This is especially true for clients that connect to the proxy server through a low-bandwidth connection (56700 bps or lower). If TCP/IP parameters must be lowered, proceed with caution.
Tune TCP time wait interval for high-load environments (HP-UX, Linux, Solaris, Windows)
The TCP time wait interval specifies the length of time that a socket waits for a FIN packet from the sender before forcibly closing. In high-load environments, the proxy server might appear to stall if many sockets remain suspended in the TIME_WAIT state after their connections are closed. Reducing the TCP time wait interval reduces the number of suspended sockets and, in high-load environments, can prevent the proxy server from appearing to stall. It is suggested that this interval be set to 5 seconds.
- On HP-UX:
Issue the following command:
ndd /dev/tcp -set tcp_time_wait_interval 5000
Use the sam utility to set the kernel parameter max_thread_proc to at least 2048.Note: Also, consider adjusting the following kernel parameters: maxfiles, maxfiles_lim, maxproc, shmem, tcp_conn_request_max, tcp_ip_abort_interval, tcp_keepalive_interval, tcp_rexmit_interval_initial, tcp_rexmit_interval_max, tcp_rexmit_interval_min, tcp_xmit_hiwater_def, tcp_recv_hiwater_def. - On Linux:
Issue the following commands:
echo "1024 61000" > /proc/sys/net/ipv4/ip_local_port_range echo "5" > /proc/sys/net/ipv4/tcp_fin_timeout
- On Solaris:
Issue the following command:
ndd /dev/tcp –set tcp_time_wait_interval 5000
Edit the /etc/system file to read as follows::
set tcp:tcp_conn_hash_size=8129
- On Windows:
A registry entry must be created set a TCP time wait interval.
Adjust the Linux kernel
Several limits in the Linux kernel are low and can be modified. Some can be changed through the /proc file system, and others require recompiling the kernel.
Note: The /proc file system is virtual; that is, it does not exist physically on the disk. Instead, it serves as an interface into the Linux kernel. Because it does not exist, your input values are lost on restart. Therefore, place changes that you want to make to the /proc file system in the /etc/rc.d/rc.local file on RedHat or in the /etc/rc.config file on SUSE. Changes are then always activated at restart.
- The file descriptor maximum is 4096 by default. It can be changed
by adding the following to the rc.local file:
echo 32768 > /proc/sys/fs/file-max
- The inode maximum is 16384 by default. It can be changed by adding
the following to the rc.local file:
echo 65536 > /proc/sys/fs/inode-max
- The TCP and UDP port range is by default 1024 – 4999. These ports
can be changed to 32768 – 61000 by adding the following to the rc.local file:
echo 32768 61000 > /proc/sys/net/ipv4/ip_local_port_range
- By default, the number of allowed tasks is 512. If too many tasks are running, this can affect the maximum number of threads for a process. This limit can be increased to 2048 by modifying the value for NR_TASKS in the YourKernelSource/include/linux/tasks.h file.
- In addition, change the value of MIN_TASKS_LEFT_FOR_ROOT to 24. You must recompile your kernel for this change to take effect.
Adjust the AIX thread tuning variables
export AIXTHREAD_SCOPE=S
export SPINLOOPTIME=500
export YIELDLOOPTIME=100
export MALLOCMULTIHEAP=1
You can set these environment variables before starting /usr/sbin/ibmproxy or add them to /etc/rc.ibmproxy if you use the startsrc -s ibmproxy command to start the proxy server. Performance improvement is most evident on SMP systems but in some cases improvement might also be evident on uniprocessor systems.