iTP Secure WebServer System Administrators Guide (Version 7.5+)
Running the iTP Secure WebServer relies on the properly configured TCP/IPv6 or IP CIP environment.
Every processor specified in the Server CPUS command (in the httpd.config configuration file)
needs to be enabled to run TCP/IPv6 or IP CIP. In other words, the TCP6MAN/CIPMAN needs to
be properly configured and run. As a result, there is a TCP6MON/CIPMAN (the monitor process)
running on every processor specified in the Server's CPUS command. In the configuration phase
of the startup, the iTP Secure WebServer will validate the existence of these processes. If not all
these processes are running, the Auto-Accept feature will not be used. The iTP Secure WebServer
will fall back to the conventional TCP/IP solution.
Unlike the conventional TCP/IP subsystem, the TCP/IPv6 and IP CIP allows the iTP Secure WebServer
to create a listening socket on each of these processors. By creating a listening socket on each of
these processors, the httpd servers provide the listening capability for themselves. Therefore, mixing
the TCP/IPv6 and IP CIP with conventional TCP/IP subsystem is not permissible. If both
TCP6SAM/CIPSAM process and conventional TCP/IP process are specified as the transport service
providers, the Auto-Accept feature will not be enabled.
Migration Considerations For TCP/IPv6 and IP CIP Support
TCP/IPv6 and IP CIP require the httpd server to be static server in a PATHWAY environment to
perform well. Although it does provide the ability to create dynamic httpd servers while the request
load exceeds the static capacity, it requires more system resources serving requests. The response
time for some of the requests might not be adequate when the new servers are being created.
In addition, it creates a risk of losing a few connections when the PATHWAY removes the dynamic
servers. The Auto-Accept feature traded the Distributor with better performance. Better performance
is achieved by having the httpd servers accept the new connection requests directly from transport
layer (TCP/IPv6 or IP CIP) rather than having the Distributor accept the new connection and then
distribute to httpd servers.
Because the httpd servers are now selecting the new connections, removing an httpd server might
disrupt the pending new connections (those connection requests that have been forwarded to the
httpd server and have not yet been picked up by the httpd server). The PATHWAY does not
recognize these pending connections and might remove a dynamic server when it has no more
links with the Link Manager.
A further delay has been instrumented in the httpd server to complete all of its outstanding pending
connections before it does the exit. However, the timing window might still exist. Therefore, the
new Deletedelay server directive is introduced to allow user to specify a longer delay before a
dynamic server is removed.
For information on Deletedelay, see “Server” (page 247).
To achieve a better performance and non-disrupted Web service environment, HP recommends
that a survey of the request load. The following are some of the configuration guidelines
recommended:
• Specify at least the same number of static httpd servers as those processors intended to run
httpd servers. For example, if the httpd SERVERCLASS is configured to run on processor 0 to
5 (total of 6 processors), the Numstatic value should be at least 6. HP tests have shown 3
httpd servers per processor will achieve the best performance.
• Use a higher value for TANDEM_RECEIVE_DEPTH. The maximum value support is 255.
Depending on the speed of the processor, higher value will potentially reuse more sockets
created for accepting new connections and save more processor cycles. Specifies a value
lower than 50 might not be adequate.
• Time your operation's peak hours and off-peak hours, and specify an adequate value for the
Deletedelay. The dynamic servers will only be created in the peak hours, specify a Deletedelay
that will allow the servers to be removed only in the off-peak hours. For example, if the peak
operation hours are 11:00 AM to 6:00 PM, specifying 7 hours of Deletedelay will allow the
dynamic servers to be removed after 6:00 PM. But, if you have multiple peak hours, it might
48 Planning the iTP Secure WebServer PATHMON Environment