For obvious reasons, many of us are now working remotely. The result of this is that many systems such as application servers, remote desktop and VPN’s are being pushed to the limit (and in some cases further!)
I have split it into two sections Applications servers and the VPN servers.
Slow web applications (or heavily loaded)
This is a massive area but we will try to focus on some quick (and free) wins.
Web servers tend to work like shop queues when it comes to capacity – Serve customers faster and you can serve more in a fixed time period.
When all your users access over a WAN, as opposed to a LAN, they will take longer to get content thus using up more server capacity and concurrency.
- Profile the application
- If its external then you can use something like this https://www.webpagetest.org/
- If its internal then you can use Chrome or IE or FF Developer tools
- What you are looking for
- SLOW connections
- Large files or images
- Lots of requests
- Slow 3rd party requests
Web server config – Quick fixes for speed and capacity
Application tuning is complex but below might be some quick fixes to get more speed thus the capacity ?
- Ensure that your images have a content expiry date set on the web server – If not then you are creating unnecessary transactions.
- If you are having issues with capacity then disable HTTP keepalives – this will reduce the number of concurrent sessions. I.e. once the user has some contact they will no longer be occupying any connection resource on your web server.
- Free CDN – most popular frameworks such as Jquery etc are hosted for free from google and the like – Change the URL and get google serving up the content not you ?
- If you have loads and loads of images and you can’t consolidate them then use more domains name, i.e. images.mysite.com and css.myside.com
- Why? Browsers can establish a fixed number of connections per host – more hosts = more concurrency
- Ensure you are using http compression compression on the webserver including JS and CSS
- Ideally we should use SSL for everything but maybe at this time we could serve images non SSL – (SSL is very CPU intensive on your server)
- Scale out and accelerate using a load balancer/ADC
- Caching and compression
- Connection management and pooling
- SSL offload
- Traffic management
VPN and remote access
What content are the users accessing Over the VPN?
- Could this be made smaller I.e. images, video etc
- What’s your concurrency like? Do all the user need to be connected for so long? If not kick them off by reducing time-out settings
- Where is the user’s internet traffic going?
- Many corporate VPNs are setup to route all traffic through them meaning that even a user browsing the internet will route via the office server.
- This is useful for security but maybe during this time you could consider local break out?
Do you really need a VPN?
An obvious question but worth considering?
Many services from email (Outlook web access) to CRM (Salesforce, Dynamics) are provided as a directly accessed service these days.
Could you use a proxy such as an Edgenexus ADC to securely provide access to your internal server? (Microsoft TMG was good at this before it was the end of life)
If all else fails then you could load balance your VPN solution such as Microsoft Always on or Direct access(in fact any SSL or IPsec solution) with an Edgenexus ADC.
Good luck – During this time we are happy to help. There is a lot you can do before you need to buy a load balancer. If you do find it’s necessary, our differentiators is exceptional ease of use. So you can deploy in minutes, see the benefit and then it’s one less thing to worry about.