IIS stops responding

Question

I'm using IIS (on Windows 2003) and have placed a dummy.html in my default web site. The file is empty.

I'm using wfuzz to access this file a large number of times (wfuzz does HTTP requests), with the following command:

wfuzz.exe -c -z range -r 0-5000 "http://localhost/dummy.html"

I run 5 parallell wfuzz for some minute, and then IIS stops responding. When this happens, I can no longer telnet localhost on port 80. If I stop the wfuzz clients and wait for a minute, I can telnet port 80 again.

I only see this problem if I have selected Enable HTTP Keep-Alives in IIS. If I disable this option, the problem seems to go away. I can run 15 wfuzz for several minutes and still be able to telnet localhost on port 80 without any problems.

IIS is configured to use an unlimited number of connections.

So, why would IIS stop responding after a minute when Enable HTTP Keep-Alives is enabled?

At first I thought the problem was that the number of sockets in the TIME_WAIT state was too high, but I don't see why de-selecting Enable HTTP Keep-Alives would solve the problem if this was the cause. If my client disconnects between every request, I don't see that this setting would have any effect on IIS behavior.

Please tag with something like IIS as well... – Johan Aug 19 '09 at 12:04 — Johan, Aug 19 '09 at 12:04

score 1 · Answer 1 · answered Aug 19 '09 at 11:52

Enable HTTP Keep-Alives tries to keep connections open to allow clients to download multiple resources without the overhead of setting up a new connection for each one. The timeout is how long it waits.

Even with a setting of unlimited connections in IIS there is still a limit to the number of connections the machine can handle. By repeatedly setting up new ones in your hammering test you have reached that limit and blocked a new on being made by telnet.

By disabling http keep alive or reducing the timeout, you have increased the turnover of connections but at the expense of increasing the overhead to realworld browsers who do not behave in the same way as your test client. In trying to gain performance you may have actually reduced it.

Like most things, finding the best setting is a balancing act which will depend on your actual usage.

score 0 · Answer 2 · answered Aug 19 '09 at 10:04

0

It was the TIME_WAIT state which caused it. I modified the timeout for the TIME_WAIT state in the registry and the problem went away. Still not sure how Enable HTTP Keep-Alives can affect this but...

answered Aug 19 '09 at 10:04

nitramk

193
1
2
6

score 0 · Answer 3 · edited May 23 '17 at 12:41

For High Performance web sites, MS recommends these changes:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnablePMTUDiscovery"=dword:00000001
"MaxUserPort"=dword:0000fffe
"TCPTimedWaitDelay"=dword:0000003c
"TCPMaxSendFree"=dword:0000ffff
"SynAttackProtect"=dword:00000001

Note that server needs to be rebooted for these changes to take place.

See:

(from my StackOverflow answer)

IIS stops responding

3 Answers3