Solved

IIS Stopped serving pages for 5 min but other users unaffected, why?

Posted on 2014-04-15
13
357 Views
Last Modified: 2014-05-08
I've had this happen a couple of times now... I'm running an IIS 7.0 web server on a couple of different computers (on two different hosting environments) that's serving .asp's with SQL Server connections.  At one point, IIS stops allowing connections for about 5 minutes.  

On the last such event, I was remoted into the server with RDP and could logon to the web site, access pages, and do everything as normal.  However, I tried to log on to the system from another laptop and it timed out.   I had the Task Manager open and the system was hardly working (99% idle, 80% memory, networking < 1%, etc.)

There was nothing of note in any of the Windows Event logs and nothing in any of my application logs.  No application pools or web sites were stopped.

I'm wondering if any of the IIS settings would have an effect on this... positive or negative.  Does anyone know what could be going on or have anything to try?  I'm out of ideas!
0
Comment
Question by:StarDusterII
  • 5
  • 4
  • 4
13 Comments
 
LVL 77

Expert Comment

by:arnold
ID: 40003962
What components were needed? Database check by the initial access? Is database backups run at that time? Check the IIS log to see whether it saw the connection.
Your site might be under DDoS or plain dos attack when this shows up.
Do you have external firewall through which you can see stats on number of incoming connections?
0
 
LVL 35

Expert Comment

by:Bembi
ID: 40004875
I interpret *.asp that data are fetched from the sql in the background. Dependend on the way, how the application works, it can be the IIS or the client, whcih fetches the data. If IIS connects to the database, you should also inspec the event logs of IIS and SQL to have an idea, what is going on. Maybe ther are to many connections to the SLQ server at the same time (i.e if it is SQL express).
Also inspect the client libraries on the clients, so you may try to update the native SQL client on the IIS or client, depended from the question, which machine fetches the data.
Usually the native cleint software should have the same version / patch level than the sql.
0
 

Author Comment

by:StarDusterII
ID: 40004945
Will gather information and let you know.
0
 

Author Comment

by:StarDusterII
ID: 40006232
One entry in the System Log:

A process serving application pool 'DefaultAppPool' exceeded time limits during shut down. The process id was '5684'.

The SQL logs are free of anything unusual.  Bembi, you are correct.  The .asp's are built by IIS accessing the database and creating the html that's sent to the client.  All updates have been applied.   However, I'm not sure how to inspect the "client libraries"... I don't understand how that would come into play nor if native SQL Client is even running.
0
 
LVL 77

Expert Comment

by:arnold
ID: 40006277
If you have multiple applications/sites customizing each site/application o use their own.
To start with you should test with your busiest site separating to see whether you see app pool recycling errors
The recycling settings might be what triggers the recycling right when the site is seeing large amount of traffic.
0
 
LVL 35

Expert Comment

by:Bembi
ID: 40013146
My answer was possibly a bit gerneric

With client libraries I mean every component, which belongs to SQL server, the simplest one is SQL server native clinet. Just keep the libraries on the update level of the SQL server.
(Client is here usually the IIS machine, but even can be the end client, dependend how the SQL access is managed).

At the end, for your own asp solution your connection setting determine, which components are use, so i.e. OLEDB or SNAC, for foreign applications it may some times not so quite clear, what is used.

For your App-Pool error I would also follow arnold, possibly to many apps on the same pool what may produce some deadlocks or interferences. So one pool for one application is a good idea, consumes more ram of course, but allows more individual settings for each app.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:StarDusterII
ID: 40015475
There is only one web site and two apps within that one.  I'll create a separate pool for each and see what that does.

As far as the libraries go, we don't use SQL server native client as far as I know.  IIS is the only thing connected to the SQL server.
0
 
LVL 77

Expert Comment

by:arnold
ID: 40015559
Right, your applications either use DSN or DSnless connection with sql native client or ODBC/ADO connection pooling,etc. many options available.
0
 
LVL 35

Expert Comment

by:Bembi
ID: 40015687
OK. let me shoot into another direction....
As I understand you right, only one user at a time is thrown out for a limitied time.
After this everything is fine..., right??

Have you thought about a kind of flood mitigation? Means if the number of requests from one single user (or source IP) goes over a defined limit, the connection is refused for some time. Such a mechanism exists in the operationg system but can even be a mechanism from a virus sanner or installed firewall product.

In IIS you can enable the normal logs as well as a failed connection log for each web site. If something is denied directly from IIS, you should see it in the iIS Logs / failed connection logs. If it is a OS mechanism, the source is the event log. If it is any other application, it can be logged into the event log or in a application specific log.
0
 

Author Comment

by:StarDusterII
ID: 40024791
When this happens, no one can log on.  It denies access to everyone, except I was able to access the web site while RDP'd into the server.   When I tried to access the web from my laptop browser, it wouldn't respond... to me or anyone else for a period of time.

I'll change the logs and see if there is anything in there.
0
 
LVL 77

Expert Comment

by:arnold
ID: 40024805
Since I have no idea how your site works, it is impossible to guesstimate what might be going on.  If your site is not even loading, that could mean if you have a firewall that the number of sessions it can handle are being exceeded.  Since you do not have two separate systems one serves one site, and another serves another side, there is no way to remove the incoming connection handling as a possible cause without looking to see whether there is anything on the router/firewall that could explain it (network Saturation during the period in question) It is possible to allow RDP (QoS prioritization) while HTTP being saturated.

Internet <=> router/firewall <=> [saturation level reached ]            Web server
internet <=> router/firewall <=> RDP       (connect to web server works) /

Using the logs specifically whether connections were being seen on the web server during the five minute interval.

Using monitoring tools such as Nagios, OpenNMS, zabbix to both monitor the web server internally and one that monitors the web server from an external source could provide a context under which you can determine what if anything is causing this issue as well as have more data that will help identify the issue.

With those types of monitoring tools, you can also identify if this issue occurs at the same time like clock work, at which point looking through what tasks you have setup on the web server, database server such a backups, etc. that could explain this issue.
if you suspect that scheduled tasks have no impact on this, changing the schedule from one of the tasks that deal with the database to another time, then if the issue shifts with this task, you have found your culprit.
0
 
LVL 35

Accepted Solution

by:
Bembi earned 500 total points
ID: 40024807
Which version of SQL server are you using?
0
 

Author Closing Comment

by:StarDusterII
ID: 40051325
Didn't actually fix the problem of course, but the tools were an excellent idea.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Framework versus framework 64 in IIS 8.5 5 102
ASP CDO - Limiting Connections 2 41
app server have enough resources... 2 26
Javascript to allow login/password authorization 4 31
Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now