In the domain we have two types of networks. One type is allowed to connect to the internet and the other does not allow connections to the internet. The internal network is available to both.
We have a webserver in the network that hosts a Blazor Server application (using iis). The server is in the network that can use the internet. Now when i use my laptop that is also in the network that can connect to the internet, the website on the server is fast and gives me a snappy response. When i open the same site on a computer that is in the network that is not allowed to connect to the internet, the loading speeds are dramatically decreased. We see a slight increase when we set the protocol to http instead of https, but it is not a game changer.
We see that the data is loaded realy fast but the network request takes up to 6.5 seconds and the loading of data 29 miliseconds.
Anyone have any ideas?
We switched the application from https to http. This was a slight increase.
We used wireshark to check the networktraffic but we see the delays in there as well. The connection itself is good not red flags.
We changed the underlying platform of the application from .net 6 to .net 7. This did not make any difference.
We changed the deployment mode from framework-dependend to self-contained. Still no difference.
As soon as we enable the internet for the network, the site is fast again.
UPDATE 26-01-2023
After some more research we figured out that there are two ip addresses that need to be let through to make it fast again. The IP's are 142.250.179.131 and 23.2.226.23. The first IP is an IP owned by Google and has something to do with gstatic, and the second is from a company named Akamai Technologies.
None of the nuget packages or references in the application code reference any of the packages created by Akamai Technologies or Google. Or is there something else i am missing?
Well, if this is the case. I think this also needs to narrow down the scope of this issue. Have you tried to access the site directly using the domain name and port? For this result, you may need to take different actions:
Issue still occurs. Then this problem may be related to the application code development, you need to review the code and troubleshoot.
Issue resolved. Then you may need to check the performance of IIS server. Try to use the Debug Diagnostic Tool and check its performance. Something like this:
Related
We have some custom http webservice build on HttpListener in .net 4.8.
This thing works fine on different customer systems, however on one of our new customers system, we have trouble getting SSL to work.
The problem is, that accessing a simple echo page (that just dumps the request into the output), modern browsers like firefox, chrome and edge get a connection reset, once the listener starts writing into the output stream.
Internet Explorer and WebRequests work without any issues.
Im pulling my hair out, all I could find is recommendations to reinstall IIS since this seems to be a known problem in old ASP.net Solutions. However we do not use IIS.
The next problem is, the customers IT is really restrictive and does not allow us to install tools like WireShark or Fiddler.
I dont know if there is any other possible combination of netsh commands to add the ssslcert, im certain by now that i treid everything.
We even used one of our own certificates, but no success.
EDIT It seems to be related to the fact, that the customer is using a Windows Server 2022.
Turns out this is a known problem in Server 2022
https://borncity.com/win/2022/10/22/fix-des-ssl-tls-verbindungsproblems-stand-der-sonderupdates-und-betroffene-anwendungen-21-10-2022/
Disabling TLS 1.3 via registry did the trick for us, as a workaround.
Our team has an application in Android, with a .NET c# backend, hosted in IIS.
Recently, we have observed sudden and unexplainable latencies in our customers with the following scenario:
Without any warning, users are enable to change the channel (Zapping) , since the product has to do with Live Media Streaming, and they can not even log out of the application
The mobile application connected to another backend (still a c# backend) , is working properly, without any problem
After some time (which varies from 6 hours of the first incident, to 5 minutes of the last one), it all turns back to normal.
I have enabled Failed Request Tracing logs, to see if I can get anything from there, and I have results as follows:
<failedRequest url="https://ourDNS.com:443/servertime.aspx"
siteId="1"
appPoolId="DefaultAppPool"
processId="22232"
verb="POST"
remoteUserName=""
userName=""
tokenUserName="NT AUTHORITY\IUSR"
authenticationType="anonymous"
activityId="{80013C53-0802-B500-B63F-84710C7967BB}"
failureReason="TIME_TAKEN"
statusCode="200"
triggerStatusCode="0"
timeTaken="45141"
xmlns:freb="http://schemas.microsoft.com/win/2006/06/iis/freb"
>
The page described above is a simple page, that first gets the server's timezone, and then after getting the customer's timezone (that can be set manually from the client), returns the exact date and time of the device where the application is hosted, for further calculations of stream program, what is playing now etc. However, for this page, that returns a simple JSON with a string in it, it requires some times more than 45 seconds (to me this is insane).
Another log from Client side in the moment is one Exception as above:
java.net.SocketTimeoutException
at java.net.PlainSocketImpl.read(PlainSocketImpl.java:491)
at java.net.PlainSocketImpl.access$000(PlainSocketImpl.java:46)
at java.net.PlainSocketImpl$PlainSocketInputStream.read(PlainSocketImpl.java:240)
at org.apache.http.impl.io.AbstractSessionInputBuffer.fillBuffer(AbstractSessionInputBuffer.java:103)
at org.apache.http.impl.io.AbstractSessionInputBuffer.readLine(AbstractSessionInputBuffer.java:191)
at org.apache.http.impl.conn.DefaultResponseParser.parseHead(DefaultResponseParser.java:82)
at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:174)
at org.apache.http.impl.AbstractHttpClientConnection.receiveResponseHeader(AbstractHttpClientConnection.java:180)
at org.apache.http.impl.conn.DefaultClientConnection.receiveResponseHeader(DefaultClientConnection.java:235)
at org.apache.http.impl.conn.AbstractClientConnAdapter.receiveResponseHeader(AbstractClientConnAdapter.java:259)
at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:279)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:121)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:428)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:555)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:487)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:465)
at com.framework.utilityframe.webhelper.HttpRequest.getHttpResponse(HttpRequest.java:316)
at com.framework.utilityframe.webhelper.HttpRequest.httpRequest(HttpRequest.java:393)
at com.tibo.webtv.web.TiboLog.logBufferingError(TiboLog.java:319)
at com.tibo.webtv.CustomVideoView$Buffering_Problem.doInBackground(CustomVideoView.java:324)
at com.tibo.webtv.CustomVideoView$Buffering_Problem.doInBackground(CustomVideoView.java:307)
at android.os.AsyncTask$2.call(AsyncTask.java:287)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:305)
at java.util.concurrent.FutureTask.run(FutureTask.java:137)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1076)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:569)
at java.lang.Thread.run(Thread.java:856)
Reading through different forums, I have seen different causes of performance leaks, starting from database to IIS and even a misconfiguration of the application. I have discarded database as a cause because:
At the moment of the problem, database parameters were absolutely fine, no changes in queries time execution, no waiting tasks, no locking
Secondly, the mobile and Decoder application connect to the same database, and the mobile application is running just fine with the same queries
Now, if I think of IIS, every Application hosted at that AppPool, was running fine and without delays, but still there may be something I am missing over there
And at least, something that makes me suspicious is the fact that the mobile application differs in two ways with the Decoder application:
First, the mobile application takes the responses from the Backend in XML format, the Decoder uses JSON.
Second,the mobile application uses http requests, and the Decoder uses https (SSL)
If anyone has experienced similar issues, their help would be greatly appreciated. And for any other detail you need, just ask and I will provide.
So,
Today, our team made another test, which included :
Application hosted in one server and database in another
Application and database hosted in a completely different server (Azure environment)
In both cases, the result was the same: Latencies and problem at the service.
The problem was neither at the backend nor the server. First, the Java application by mistake executed Sync Tasks when saving the logs to another server(dedicated, with full potential to keep as much data as you can give). Second, the log server had a full HDD, with more than 1 TB of only DB Logs, so when the application executed those Sync Tasks (which came as the first call, before any interaction with the channels), they received the Socket exceptions. So, maybe for someone else who may see this post: PLEASE,ALWAYS CHECK YOUR TASKS IN YOUR APPLICATION,AND ALWAYS CHECK ANY SERVER RELATED TO YOUR APPLICATION!!! Thank you very much :D
I typically have not worried at all about piracy or copy protection with software however I currently find myself in a unique situation. I develop an application for repairing computers for a specific computer repair company. Recently an employee has decided to quit the company after only working there for one month, and took my toolset with her. She then started a computer repair company out of her home and is using my toolset to fix computers. I am not particularly concerned with this person as our lawyers are already in hot pursuit. My concern is with future instances of this where I may not find out about them.
What I would like are some ideas for ways to protect and or phone home without being too over-bearing. I hate software that is too protected and becomes annoying or worse yet, worthless. This application is never to leave the walls of the computer repair company as they do not do on-site repair and I think I can use this to my advantage.
I do have a couple of ideas about how to go about restricting usage to within the company but I would like to hear how others have dealt with situations like this. Currently I keep going back to checking the network for specific servers or ip ranges but does anyone else have any other ideas?
First i think you have to decide what you are protecting against, as game developers have learned over the years you cannot stop ppl from copying your app/game.
Assuming what you want to protect yourself against the above senario again, i can think of 2 ok solutions.And your app has access to the network "always" or normaly duing normal use.
Phone home:
Have the application phone home to some server software, either on the company network or via internet. Have the application send some information to the server, and have it respond with either OK or die command.
To prevent someone from stealing the server, hardcode the server application ( If its installed at the company) to accept 1 physical server ( IE requires the machines has X mac, Y CPU serial, L mainboard serial).
AppServer sending verification
Since you where thinking about sniffing the network from trafic thats posible, but might be better to have a server part that sends out a verficiation code ( IE some public,private key encrypted message with a timestamp?) at periodic intervals.
Depending on X server sends some network trafic every now and then does not seem logical, and could create issues ( IE that server gets removed, but nobody knows you app depends on it to respond to ping).
Also spending on being able to ping XXX.XXX.XXX.XXX and som MAC address in the network is fairly simple to fake.
I've been looking recently at using the open source Rhino Licensing solution http://hibernatingrhinos.com/open-source/rhino-licensing - this seems like quite a sophisticated solution and the source includes an example application which you could alter for your individual needs - e.g. you don't have to lock the user out if you don't want to.
I'm going to develop a POS system for medium scale company
and the requirement for me is to make all data on time for all of their branches
while in my mind, move the server from local to web would solve this problem
but, i never done any online server for window application
may i know what is the best option for use as secure database ?
such as SQL can handle this well ?
i tried to google but all of the result return is not what i want
may i know what will you do when you facing this problem ?
my knowledge on coding is just VB and CS
also SQL for database
i would like to learn new if there is better option
i hope it is impossible to access by anonymous and it is store secure at back-end only
What you probably want to do is create a series of services exposed on the internet and accessed by your application. All database access would be mediated by these services. For security you would probably want to build them in WCF and expose them through IIS. Then your Windows application would just call these services for most of its processing.
If you design it properly you could also have it work with a local database as well so that it could work in a disconnected manner if, for example, your servers go down.
Typically you don't move the server off of the site premises.
The problem is that they will go completely down in the event your remote server is inaccessible. Things that can cause this are internet service interruption (pretty common), remote server overloaded (common enough), basically anything that can stop the traffic between the store location and your remove server will bring them to their knees. The first time this happens they'll scream. The second time and they'll want your head due to the lost sales.
Instead, leave a sql server at each location. Set up a master sql server somewhere. Then set up a VPN connection between the stores and this central office. Finally, have the store sql boxes do merge replication with the central office. Incidentally, don't use the built in replication, but an off the shelf product which specializes in replicating sql server. The built in one can be difficult to learn.
In the event their internet connection goes dark the individual stores will still be able to function. It will also remain performant as all of the desktop app traffic is purely to the local sql box.
Solving replication errors is much easier than dealing with a flaky ISP.
I would recommend you to check Viravis Platform out.
It is an application platform that also can be used just as an online database for any .NET client with the provided SDK. It has its own generic windows and web clients and some custom web solutions for some specific applications.
You may be using it as a complete solution or as a secure online database backend.
I want to make a program that hosts a webpage with computer uptime of the system it is running on but I don't want to do anything to the user's IIS. Is there anyway to do by making some system calls (to the ISAPI dlls etc) in c#?
You want to create a web server?
Try System.Net.HttpListener
You can get the system's uptime in milliseconds using System.Environment.TickCount
Take a look at the HTTPListener class: http://msdn.microsoft.com/en-us/library/system.net.httplistener.aspx
Just serve the page yourself - a simple web server is not hard to write and there are a lot of examples available on the net; from extremely simple to quite advanced. For example this one.
If an alternative to IIS you seek, give Cassinni a try.
As has already been answered, HTTPListener is a good start.
However, you're quickly going to discover issues with firewalls and available ports, so ultimately I think you'll find that doing something to the user's IIS is likely the path of least resistance, at least on systems where IIS is already running.
If IIS isn't an option then you will either need the app itself or an installer to configure Windows Firewall to allow incoming connections. They also may have other software and hardware Firewalls in place which need configured.