Tune Domino HTTP connections
Daniel Nashed – 22 May 2023 07:49:47
When performing performance tests with a new tool I wrote based on LibCurl, I noticed many connections in network TIME_WAIT.
It turned out I had persistent connections enabled. But the value was set to low on the server.
Other servers with higher values, had much less TIME_WAIT sessions.
Performing some basic load test using a remote client, it turned out that for a larger number of HTTP requests in a short time, this setting can improve your Domino HTTP server performance.
This also reduces the number of TCP/IP sessions opened.
Most of my servers did already use the following values -- The default setting would be 5 requests, which is a bit too low.
HTTP persistent connection: Enabled
Maximum requests per persistent connection: 100
---
Description: Specify the maximum number of HTTP requests that can be handled on one persistent connection. The default is 5.
Reference: https://help.hcltechsw.com/domino/12.0.2/admin/tune_specifyingnetworktimeoutsonthewebserver_t.html
Simple Test Setup
I had a very simple setup for my quick test. The tool ran the following load:
| Threads | 10 |
| Requests per thread | 1000 |
| Total Transfer | 56 MB |
| Data/Req | 5887 bytes |
Which resulted in the following performance values:
| Test | Average request time (ms) | Total run-time (sec) |
| 5 requests per connection | 180 | 200 |
| 10 requests per connection | 97 | 103 |
| 100 requests per connection | 81 | 83 |
| TLS connection | 187 | 207 |
TLS Sessions
One important side note is that TLS/SSL sessions work differently. A TLS/SSL session has way higher overhead than establishing a new TCP/IP session.
Therefore the TLS/SLL stack uses TLS session resumption and tries to reuse sessions as much as it can.
You can see the TLS performance with a ECDSA NIST P-256 key in the table as reference.
Log output from SSL_LOG_SUCCESS=1
TLS1.2 resumed 79.194.8.70 (52459) -> 172.18.0.3 (443) - ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xC02C)
Conclusion
You should really double check, if your Domino HTTP server has persistent connections enabled and in most cases you should really increase value of the request at least to 40.
- Comments [5]
![[HCL Domino]](../lotus-domino.gif){kind=small}
![[Domino on Linux]](../domino-linux.gif){kind=small}
![[Nash!Com]](../nashcom.gif){kind=small}
![[Daniel Nashed]](../daniel-nsh.gif){kind=small}