Category Archives: IIS

Hosting ASP.NET Core Applications on IIS – A Detailed Look

Posted on by

In last few years, I spent a significant amount of time researching, writing, speaking on ASP.NET application’s performance. Performance of a web app is not just its code but it depends a lot on the hosting platform, configurations and the usage of available resources etc. If you are hosting ASP.NET Webforms/MVC application on IIS, then you can follow below tips and get benefitted quickly.

12 tips to increase the performance of your ASP.NET application drastically – Part 1
12 tips to increase the performance of your ASP.NET application drastically – Part 2

Whenever I think about the performance of any web application, there are three major areas comes into my mind (I am not considering the external factors)

  1. Hosting Server
  2. Application itself
  3. Database/Third Party APIs etc

Any application can’t be highly performant until all three are properly optimized. It can perform better if all were taken in consideration in early stages development lifecycle.

ASP.NET Web Forms is/was very popular web framework but it has many known performance issues. To overcome many and to use latest standards and best practices, Microsoft introduced ASP.NET MVC framework. Over time, Microsoft sensed the need of new highly performant cross platform web framework to compete in market and introduced the all new ASP.NET Core framework (Initial Name: ASP.NET 5) which is written from scratch. Although at a high level, most of the constructs are similar with ASP.NET MVC but the underlying engine got completely rewritten.

While working on ASP.NET Core, MS worked on the complete stack, like for backend – they introduced Entity Framework core and for hosting the application, a new highly optimized web server, known as Kestrel. But as we know IIS provides an array of features, configuration and battle tested for all kind of scenarios, Kestrel was not ready as an edge server.

Although the new server was introduced with ASP.NET Core but it appears that initially, the main focus was on ASP.NET core and other backend frameworks. During ASP.NET 1.X, it was advised to used IIS as frontend server which in turn forwards the requests to Kestrel. A reverse proxy was suggested due to security and reliability reasons. It didn’t have defense against attacks and other configurations like various timeouts, size limits, concurrent connection limits etc. So, we only had the option to deploy the application using IIS (Nginx, Apache for other platforms) as reverse proxy. In the newer versions (ASP.NET Core 2.X), lot of enhancements has been made in Kestrel and with ASP.NET Core 2.1 and later, Kestrel started supporting https (which is nowadays basic requirement for hosting any web application on internet). Now it can be used as internet facing server . In this post and coming post, we will discuss the available deployment options with IIS and explore that what is happening behind the scene.

Using IIS as a Reverse Proxy:

In this scenario, ASP.NET Core application is hosted on kestrel which sits behind IIS. At a high level, it looks like

 

 

 

I created an asp.net core sample application which I deployed on IIS. Let’s take a quick look into the steps for deployment.

  1. First, we need to configure IIS on Windows (if it’s not there).
  2. Install the .NET Core Hosting Module (Can be downloaded from here based on the versions).  After installation, you can go to the IIS modules section and ANCM will appear as
  3. Create the website at IIS
    1. Create a folder which will contain app’s published folders, files and binaries
    2. Create a new logs folder inside the earlier created which will contain the logs created by ASP.NET Core module when stdout is enabled.
    3. In IIS, Add a new Website by right clicking on Sites folder under Connections -> ServerName as NetCoreProxy (say).
    4. It by default creates a new application pool named as preferably -. Go to application pools under Connections-> Server Name and Click on NetCoreProxy. Select “No Managed Code” under .NET CLR version 
      “No Managed Code” why? We will discuss it later.
    5. Check the identity which is by default as “AppPoolIdentity” and change it if needed.
  4. Last step, publish the website by Right Clicking on the project in Visual Studio in the newly created folder at 3 a.

Publishing the ASP.NET Core App

While publishing an ASP.NET Core app, we need to select the deployment mode option which has two options: Framework dependent and Self-Contained. Publishing with second option produces a significantly larger binaries because it contains the coreclr and other required system libraries. This should not be a preferred option until necessary because of the huge size and performance implications as it loads all the resources and JIT them on the fly.

Now we should be able to browse our ASP.NET core web site.

Let’s take a look in details

The first question that arises is why do we need to install something on IIS? One of the problems with earlier versions of ASP.NET, that ASP.NET and IIS both has its own pipeline which contains multiple modules (IIS pipeline contains native and managed modules) and each request has to go through both the pipelines invoking each module (However this problem was resolve till certain extent using Integrated Pipeline setting at IIS). Most of the times, many of them are not used by the appliccation. Using ASP.NET Core, we got a new pipeline which has list of middleware that are added at application startup based on the need. To avoid all the IIS overheads, when we install the bundle on IIS, it adds a native module AspNetCoreModule (ANCM) which is invoked at very early stage and forwards the requests to Kestrel as soon as it reaches to IIS. Earlier it was done by an existing module called HTTP Platform Handler which used to forward the request but MS decided to create a new native module ANCM which was fork of HTTP Platform Handler to have better control and able to provide tailored features.

Also, we have seen in deployment steps that we selected “No Managed Code” while configuring the application pool, it means we don’t want to run any managed modules for the requests of this application. As mentioned earlier, IIS pipeline contains the native and managed modules both, ASP.NET core requests do go through some of the native modules like authentication modules (Anonymous, basic, Windows etc), dynamic compression etc. Few native modules are not part of the process and as many of them has a corresponding asp.net core middleware (for details, look here). Let’s take a look that how does it work

We can see here that ASP.NET core app runs into a different process dotnet.exe, not in the worker process which was the case with earlier versions of ASP.NET. I also used the process explorer to see it

Here we can see that dotnet.exe is a different process which runs the application. What is this Console Host process? If we take a look in ASP.NET core’s startup class, we will see a main method, similar to console application which is the first method which gets called when the application starts.

Let’s go through step by step process, how a request is served in this scenario

  1. The request is received by the HTTP.sys from the network.
  2. If response is cached at HTTP.sys then it is sent back from there else gets a place the corresponding Application Pool’s queue.
  3. When a thread is available in the thread pool, it picks up the request and start processing it.
  4. The request goes through IIS processing pipeline. As mentioned earlier the request goes through few native IIS modules and once it reaches to ANCM, it forwards the request to Kestrel (under dotnet.exe).
  5. ANCM has a responsibility to manage the process as well. If (re)starts the process (if not running or crashed) and IIS integration middleware configure the server to listen the request on port defined in environment variable. It only accepts the requests which originates from ANCM.
    Note -Please do note that in ASP.NET Webforms/MVC the application is hosted under the worker process w3wp.exe which is managed by Windows Activation Service (WAS) which was part of IIS.
  6. Once the request is received by Kestrel, it creates the HTTPContext object and request is handed over to ASP.NET Core middleware pipeline.
  7. The request is passed to routing middleware which invokes the right controller and action method (model binding, various filters almost similar way as earlier versions).
  8. Finally, the response is returned from the action and passed to kestrel via Middlewares and later sent back to client via IIS.

So we can see the request processing is quite different than earlier versions ASP.NET apps hosted on IIS.

Using Kestrel as an Edge Server

With ASP.NET Core 2.1, Kestrel got lots of new capability which makes it capable of using it an edge server, however for the enterprise level application, it is still recommended to use it behind a proxy. Obviously, one of the first choices is using IIS in windows environment. With ASP.NET Core 2.2, It got some more refinement which makes IIS a better option. We will discuss that in next blog post. Kestrel as an edge server looks like

As this post is specific to IIS hosting, I will not go into the detail but earlier lots of important web server features like Keep alive timeouts, connection timeout, body reading timeouts, request timeouts, size limits, concurrent connection limits, memory limits etc were not available but now most of the configuration can be done and it supports https as well. Even with that Microsoft suggests using IIS as a reverse proxy due to additional feature, security, configurations and many more.

Hope you have enjoyed the post. Do share the feedback. In next post, We will discuss the In-process enhancement  in ASP.NET Core 2.2 in detail.

Cheers
Brij

Advertisement

Concurrency vs Multi-threading vs Asynchronous Programming : Explained

Posted on by

Recently, I was speaking in an event and I asked a question about Asynchronous programming to the audience, I found that many were confused between multi-threading and asynchronous programming and for few, it was same. So, I thought of explaining these terms including an additional term Concurrency. Here, there are two completely different concepts involved, First – Synchronous and Asynchronous programming model and second – Single threaded and multi-threaded environments. Each programming model (Synchronous and Asynchronous) can run in single threaded and multi-threaded environment. Let’s discuss each in detail.

Synchronous Programming model – In this programming model, A thread is assigned to one task and starts working on it. Once the task completes then it is available for the next task. In this model, it cannot leave the executing task in mid to take up another task. Let’s discuss how this model works in single and multi-threaded environments.

Single Threaded – If we have couple of tasks to be worked on and the current system provides just a single thread, then tasks are assigned to the thread one by one. It can be pictorially depicted as

singlethreadedHere we can see that we have a thread (Thread 1 ) and four tasks to be completed. Thread starts workingon the tasks one by one and completes all. (The order in which tasks will be taken up, does not affect the execution, we can have different algorithm which can define the priorities of tasks)

Continue reading

IIS7 and Higher : system.webServer element ApplicationHost.config vs Web.config

Posted on by

Hi All,

This is another post on Authentication for ASP.NET applications. In one of my last posts, I talked about setting up authentication mode as Windows in web.config and Enabling/Disabling windows authentication at IIS. You can access that post from the below link.

Looking into Windows authentication at Web.config and at IIS
Continue reading

Looking into Windows authentication at Web.config and at IIS

Posted on by

Hello All,

I have seen many confusion around setting authentication mode as windows in web.config and enabling  Windows authentication at IIS.

First thing that there is no relation between setting authentication mode as windows at web.config and enabling/disabling (Integrated)Windows Authentication at IIS.

Continue reading

The requested content appears to be script and will not be served by the static file handler. : A Solution

Posted on by

Today, I faced one issue while working on one sample . And could not find solution in one go and error shown was not intuitive enough.

First let me share my environment. Windows 8 (64 bit), Visual Studio 2012, IIS8

I created an ASP.NET 2.0 web service using Visual Studio 2012 directly at IIS8. But as soon as, I tried to access my web service via browser I found the following error

ErrorAs you can see from the error, it does not point to any cause.

For this error there could be one issue that IIS is not registered with ASP.NET. So to register it, I opened the command prompt with run as administrator and navigated to the folder C:\Windows\Microsoft.NET\Framework\v2.0.50727. I navigated to framework version 2.0 because I was accessing the ASP.NET 2.0 webservice. Now I required to run the following command

aspnet_regiis -i

But as soon as I run the above command, I faced another error

errorcmd

Later, I found that my Operating System (Windows 8) that I am running is of 64 bit version. So again navigated 64bit version executable and it ran successfully

successfullyRanSo you can see above the message “Finished installing ASP.NET <2.0.50727>”.  Here in the above pic, if you see the red encircled area, I have ran here 64 bit version executable.

Also note, this issue arises only if you installed the IIS after installing Visual Studio.

Hope this would save lot of time of yours.

Thanks,
Brij

How to enable HTTPCompression at IIS6

Posted on by

Last week, I was working on performance improvement of one of my projects. So I read several Articles on Internet and found that we can configure HTTPCompression on IIS. It compress the response sent to the browser and the size of the response get reduced dramatically i e major improvement in performance. So I wanted to share you all.

I’ll discuss it point wise.

1: Why do we need HTTP compression?

Nowadays, we are building Rich Internet Applications, which is increasing the size of  Pages heavily. Means the more page size, more time it’ll take to load. But, IIS provides a feature to compress the responses and most common browsers support the HTTP Compression.

Means you can configure, HTTP compression at your web server, and browsers will understand it.

2: How much page size will be reduced.

Normally there are two algorithm supported. One is gzip and other one is deflate. I used Gzip in my website and found that the Page size was reduced by 60 to 70%.

3: When we don’t need compression.

If your page size are very less by default less than 60 to 70k. Then I think you don’t need this. Also if your users are having very high speed Internet then also you can ignore it. Because obviously the compression/decompression is a overhead if you are not gaining much.

4: How HTTPCompression works:

When a browser send a request to IIS, it also the send the information that what all kind of encoding supports. You can see the request header by many tools (One is Firebug that is available as a plugin for Firefox). You will be able to see following line in the request header.

Accept-Encoding: gzip,deflate

It says that this browser accepts gzip and deflate encoding

Now when IIS receives the request and find that that the requester can understand the given encoding. Based on the configuration, it encodes the response.

Now you can see the Response header. There it is mentioned, in what encoding is done on response as you can see it in header as

Content-Encoding: gzip

It means the response was encoded with gzip.

Here I am showing you all an example of Gmail.

Here I am showing the request header sent by the Firefox 3.5

It says it can accept encoding : gzip,deflate

Now let’s see the  response header

As you can see, the response is sent is gzipped format

5: What will happen if Browser does not understand any encoding?

Actually when browser sends a request to the server it tells the server what all encoding it supports and that is available in Request Header. If it does not support,  it may not send the Accept-Encoding tag.

Now when IIS receives the request and if it does not find any encoding mechanism supported by Requester, It does not apply any compression/encoding mechanism and the response is not encoded and sent it in normal format.

So you don’t need to worry about, it any browser does not understand gzip or deflate, then what will happen. IIS takes care, IT only encodes when it is supported by the requester.

6: How to configure HTTPCompression at IIS,

There are two types of Compression that can be configured.

First one: Static ( for static files like some css, javascript file etc.)

Other one: Dynamic (means for for dynamic generated page/response) .

There is no console available to configure to Configure HTTPCompression.

So there are two ways to configure HTTP compression at IIS.

First: Update the IIS metabase files directly.

Second: Use some commands to update it.

Here I’ll discuss the second one and will discuss the commands that can be used to configure it.

Here you need to do two things.

First: Configure the IIS for HTTPCompression

Second: Configure what all types/extension will be encoded

So for that you need to run the following commands at your web server:

Configure the IIS6 for HTTP Compression-

First Open command prompt and go to your IIS root folder, normally it would be “c:\inetpub\adminscripts\” then follow the below steps.

Static Compression:

To see whether Compression is enabled or not:

cscript adsutil.vbs get w3svc/filters/compression/parameters/HcDoStaticCompression

Enable/Disable Static Compression

adsutil.vbs set w3svc/filters/compression/parameters/HcDoStaticCompression true/false

To view what all files will be encoded:

cscript adsutil.vbs get W3SVC/Filters/Compression/gzip/HcFileExtensions (for gzip)

cscript adsutil.vbs get W3SVC/Filters/Compression/deflate/HcFileExtensions (for deflate)

To add more files for Compression

cscript adsutil.vbs set W3SVC/Filters/Compression/gzip/HcFileExtensions “js” “css” “png” “bmp” “swf” “doc” “docx” (for gzip)

cscript adsutil.vbs set W3SVC/Filters/Compression/deflate/HcFileExtensions “js” “css” “png” “bmp” “swf” “doc” “docx” (for deflate)

Dynamic Compression:

To see whether Compression is enabled or not:

cscript adsutil.vbs get w3svc/filters/compression/parameters/HcDoDynamicCompression

Enable/Disable Dynamic  Compression

cscript adsutil.vbs set w3svc/filters/compression/parameters/HcDoDynamicCompression true/false

To view what all files will be encoded:

cscript adsutil.vbs get W3SVC/Filters/Compression/gzip/HcScriptFileExtensions (for gzip)

cscript adsutil.vbs get W3SVC/Filters/Compression/deflate/HcScriptFileExtensions (for deflate)

To add more file extension

cscript adsutil.vbs set W3SVC/Filters/Compression/deflate/HcScriptFileExtensions “asp” “exe” “dll” “aspx” “asmx” (for gzip)

cscript.exe adsutil.vbs set W3Svc/Filters/Compression/GZIP/HcScriptFileExtensions “asp” “exe” “dll” “aspx” “asmx” (for deflate)

Now reset the IIS. Now you web server is ready to compress the responses based on incoming Requests.

I’ll suggest to all configure it at IIS6 and see/analyze the performance.

Note: I have explained above the settings for IIS6.

Please share you feedback:

Thanks,

Brij

Failed to access IIS metabase

Posted on by

Few days back, I formatted my system due to some virus.. Then again installed OS and VS2008 for my learning.I am in habit of using integrated webserver with Visual studio.

But later,I thought of deploying one WCF service. So when I deployed my service and tried to access, It started barfing me.This was running smoothly prior to formatting my system.

I kept trying to resolve this issue but it took a lot of time.Finally it started running as earlier.

Root Cause: Acually after installation of my OS Windows XP, I installed .net framework and Visual studio.Then when I needed IIS, I installed it.

Cause was, ASPNET user does not had sufficient rights over IIS

Solution:Install aspnet using command aspnet_regiis -i as

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>aspnet_regiis -i

then reset iis using iisreset command in command propmpt..

it should work now..

Happy .neting