Overview
In this week’s post, we will outline a few of the Windows registry settings that we use to improve network performance for CA Access Gateway (CAG) servers running on Windows 2016 . To get the best possible performance from the CAG server, several of the operating system and network parameters will need to be tuned. Below we outline a few of the Windows network parameters that should be tuned to increase throughput.
Increase the Number of TCP/IP Ports
The default number of available TCP/IP ports for Windows 2016 is 5000. To increase this value, you must edit the Windows registry using the regedit registry editor as a Windows Administrator.
- Start the registry editor.
- Navigate to the following entry:
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
- Create a new DWORD (32-bit) Value.
- Name the value “MaxUserPort”.
- Modify the new entry.
- Select the decimal radial button.
- Enter a value between 5000 and 65534. We use 65000 as the value.
- Save the changes.
Reduce Length of the TCP Timed Wait Delay
The TcpTimeWaitDelay registry entry controls the length of time that a connection remains in the TIME_WAIT state before the connection is reused. Reducing this value optimizes the number of connections available for server applications. The default value for TcpTimeWaitDelay is 120 seconds.
- Start the registry editor.
- Navigate to the following entry:
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
- Create a new DWORD (32-bit) Value.
- Name the value “TcpTimeWaitDelay”.
- Modify the new entry.
- Select the decimal radial button.
- Enter 30 for the value.
- Save the changes.
Enforce TCP Timed Wait Delay
To ensure that the TCP Timed Wait Delay is enforced by the operating system, the value of the StrictTimeWaitSeqCheck should be changed.
- Start the registry editor.
- Navigate to the following entry:
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
- Create a new DWORD (32-bit) Value.
- Name the value “StrictTimeWaitSeqCheck”.
- Modify the new entry.
- Enter 1 for the value.
- Save the changes.
Increase Number of Ephemeral Ports
In order to prevent ephemeral port exhaustion, increase the number of ephemeral ports to the maximum value of 16777214 by performing the following steps:
- Start the registry editor.
- Navigate to the following entry:
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
- Create a new DWORD (32-bit) Value.
- Name the value “TcpNumConnections”.
- Modify the new entry.
- Select the decimal radial button.
- Enter 16777214 for the value.
- Save the changes.
After completing all of the aforementioned modifications, restart the server to implement the changes.
Import the registry settings
The registry settings done above can also be imported from a registry file.
- Open a text editor and paste the following into the file:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpTimedWaitDelay"=dword:0000001E
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"MaxUserPort"=dword:0000FFFE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"StrictTimeWaitSeqCheck"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"TcpTimedWaitDelay"=dword:0000001e- Save the file with an extension of .reg.
- Double click on the file to import it into the registry.
- Restart the server.
As with the manual modifications, restart the server to implement the changes.
Looking to improve web agent performance? Check out our post on Poor Web Agent Performance: Cache & Connection Management.
As always, we hope that you have found this information useful. If you need IAM assistance, reach out to SIS today and we would be happy to assist you. And subscribe to our newsletter to be notified about the posting of future articles and other SIS news.
