Sun Java logo     Previous      Contents      Index      Next     

Sun logo
Sun Java(TM) System Directory Proxy Server 5.2 2005Q1 Administration Guide 

Chapter 3
System Tuning

Optimal performance of a service based on Directory Proxy Server requires system tuning. For information about how to tune your system, see the following sections:


Setting the Maximum Number of Concurrent Connections

The maximum number of concurrent connections to Directory Proxy Server is set by the file descriptor parameter, rlim_fd_max,in the /etc/system file.

If the rlim_fd_max parameter is not present in the /etc/system file, the maximum number of concurrent connections to Directory Proxy Server is 1024.

The maximum value of the rlim_fd_max parameter is 4096. Increasing the value of the rlim_fd_max parameter above 4096 can affect the stability of the system.

To Set the Maximum Number of Concurrent Connections to Directory Proxy Server
  1. Add this line to the /etc/system file:
  2. set rlim_fd_max=4096

  3. Reboot the system.


Tuning TCP

The TCP/IP implementation in a Solaris kernel is by default not correctly tuned for Internet or Intranet services. Tune the following parameters to fit the network topology of your installation environment.

Table 3-1 TCP Tuning Parameters 

Parameter

Description

tcp_time_wait_interval

Specifies the number of milliseconds that a TCP connection is held in the kernel's table after it has been closed.

If the value is above 30000 (30 seconds) and the directory is being used in a LAN, MAN, or under a single network administration, reduce the value of this parameter. To the value of this parameter, add a line like this to the /etc/init.d/inetinit file:

ndd -set /dev/tcp tcp_close_wait_interval 30000

This parameter is for Solaris 8 only.

tcp_conn_req_max_q0, tcp_conn_req_max_q

Control the maximum backlog of connections that the kernel accepts on behalf of the Directory Proxy Server process.

If the directory is to be used by a large number of client hosts simultaneously, raise the value of these parameters to at least 1024. To raise the value of these parameters, add lines like these to the /etc/init.d/inetinit file:

ndd -set /dev/tcp tcp_conn_req_max_q0 1024
ndd -set /dev/tcp tcp_conn_req_max_q 1024

tcp_keepalive_interval

Specifies the interval in seconds between keep alive packets sent by Solaris for each open TCP connection.

Use this parameters to remove connections to clients that have become disconnected from the network.

Alternatively, remove idle connections by using the Specify timeout option on the Directory Proxy Server console configuration screen.

tcp_rexmit_interval_initial

Inspect this value when you are performing server performance tests on a LAN or high-speed MAN or WAN. Do not change the value of this parameters for operations on the wide area Internet.

tcp_smallest_anon_port

Controls the number of simultaneous connections that can be made to the server.

If the rlim_fd_max parameter is set to a value above 4096, the value of this parameter should be decreased. To decrease the value of this parameter, add a line like this to the /etc/init.d/inetinit file:

ndd -set /dev/tcp tcp_smallest_anon_port 8192

tcp_slow_start_initial

Inspect this parameter if clients are predominately using the Windows TCP/IP stack.

tcp_ip_abort_cinterval

Controls the time in milliseconds that the Directory Proxy Server waits for an LDAP server to respond when establishing a new connection.

To decrease the value of this parameter, add a line like this to the /etc/init.d/inetinit file:

ndd -set /dev/tcp tcp_ip_abort_cinterval 10000

In some environments, it may also be necessary to change the tcp_ip_abort_interval and tcp_strong_iss tuning parameters.



Previous      Contents      Index      Next     


Part No: 817-7615-10.   Copyright 2005 Sun Microsystems, Inc. All rights reserved.