4

I have a Visual Studio load test that runs through the pages on a website, but have experienced big differences in performance when using a load balancer. If I run the tests going straight to Web Server 1 bypassing the load balancer I get an average page load time of under 1 second for 100 users as an example. If I direct the same test at the load balancer with 2 web servers behind it then I get an average page load time of about 30seconds - it starts quick but then deteriorates. This is strange as I now have 2 web servers load balanced instead of using 1 direct so I expect to be able to increase load. I am testing this with Azure Web Application Gateway now, and Azure VMs. I have experienced the same problem previously with an NGinx setup, I thought it was due to that setup but now I find I have the same on Azure. Any thoughts would be great.

John Corker
  • 192
  • 1
  • 10
  • What size of web app gateway? – CtrlDot May 28 '17 at 00:17
  • Started with medium WAF gateway, 2 instances. Changed these to large and got near exactly the same results from a 15min 100 user load. – John Corker May 28 '17 at 05:52
  • I have the exact same thing. Did you get it resolved? I suspect the WAF is causing the delay so I'm trying to minimize the set of rules it enforces (or completely disable it) but not sure if that would help – Muzikant Aug 10 '17 at 12:04
  • Hi, I had to completely disable the firewall to get the performance. I also ran into other issues with the firewall, where it gave us max entity size errors from a security module and after discussing with Azure Support this entity size can not be configured so keeping the firewall would be some large pages would no longer function and get this error. This happened even if all rules were disabled, I spent a lot of time experimenting with different rules on/off. – John Corker Aug 10 '17 at 12:21

2 Answers2

2

I had to completely disable the firewall to get the consistent performance. I also ran into other issues with the firewall, where it gave us max entity size errors from a security module and after discussing with Azure Support this entity size can not be configured so keeping the firewall would mean some large pages would no longer function and get this error. This happened even if all rules were disabled, I spent a lot of time experimenting with different rules on/off. The SQL injection rules didn't seem to like our ASP.NET web forms site. I have now simulated 1,000 concurrent users split between two test agents and the performance was good for our site, with average page load time well under a second.

John Corker
  • 192
  • 1
  • 10
1

Here are a list of things that helped me to improve the same situation:

  • Add non-SSL listener and use that (e.g. HTTP instead of HTTPS). Obviously this is not the advised solution but maybe that can give you a hint (offload SSL to the backend pool servers? Add more gateway instances?)
  • Disable WAF rules (slight improvement)
  • Disable WAF + Added more gateway instances (increased from 2 to 4 in my case) - SOLVED THE PROBLEM!
Muzikant
  • 8,070
  • 5
  • 54
  • 88