Heavily degraded performance on Policy Servers

book

Article ID: 109663

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

We're running Policy Server, and since two days, we experience heavy
slowness on some of our Policy servers. We are getting at the time of
the issue messages like :

Connection request rejected. Connection limit of 3072 exceeded 

[Sm_Auth_Message.cpp:511][INFO][sm-log-00000] Execution 
time exceeded threshold. (CSm_Auth_Message::ProcessMessage, 19953, 
5000, agent=myagent client=*10.10.10.10 
server=https://myserver.mydomain.com resource=/index.html 
action=POST user=) 

How can we fix this ?

Cause

Indeed, the 1024 is too low, if you have set the Max Connection to
3072 and if this is a Production Server with load. From documentation,
we mentioned that value but only to illustrate how the command to set
it work.

  Modify the Default Limit Parameters
  https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/installing/install-a-policy-server/install-policy-server-on-unix/prepare-for-the-policy-server-installation
 

Environment

Release: MSPSSO99000-12.8-Single Sign-On-for Business Users-MSP
Component:

Resolution

Set the value of ulimit -n to a value much higher than 1024 to fix this issue