Heavily degraded performance on Policy Servers

Article Id: 109663

Status: Published

Updated On: 15-08-2018 23:27

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

We're running Policy Server, and since two days, we experience heavy
slowness on some of our Policy servers. We are getting at the time of
the issue messages like :

Connection request rejected. Connection limit of 3072 exceeded

[Sm_Auth_Message.cpp:511][INFO][sm-log-00000] Execution
time exceeded threshold. (CSm_Auth_Message::ProcessMessage, 19953,
5000, agent=myagent client=*10.10.10.10
server=https://myserver.mydomain.com resource=/index.html
action=POST user=)

How can we fix this ?

Cause:

Indeed, the 1024 is too low, if you have set the Max Connection to
3072 and if this is a Production Server with load. From documentation,
we mentioned that value but only to illustrate how the command to set
it work.

Modify the Default Limit Parameters
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/installing/install-a-policy-server/install-policy-server-on-unix/prepare-for-the-policy-server-installation

Environment:

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution:

Set the value of ulimit -n to a value much higher than 1024 to fix this issue