Impact of enabling Sessions on IIS 5.0

Evan Nelson

We are running our website on 3 W2K servers using classic ASP and IIS 5.0.
Because the servers are load balanced we don't use the ASP Session object
instead we store session type information to the database. Since we don't
use them, we do not enable Sessions in IIS

We recently purchased a 3rd party application that stores some security
information into the Session object. Since the the package is storing and
retrieving from the session in the same request, I don't believe that I have
to worry about the session information being lost if all of a user's requests
are not to the same server. I have tried changing the code to use the
database session that we have and haven't had much luck getting it to work.
So, I am considering just enabling sessions and setting the session timeout
to one minute.

Here's my question? What kind of impact will enabling sessions have on
performance? I'm sure that additional memory will be used but is there any
way to estimate how much. I'm also sure it will slow things down a little,
but am I talking 1 millisecond per request or something bigger.

Any guidance will be greatly appreciated.

Thanks,

Evan Nelson

Sep 14 '06 #1

Follow Post Reply

1876

Aaron Bertrand [SQL Server MVP]

Enabling session state will require minimal memory... basically the size of
the sessionID string and the writing to/form the cookie on the client. The
only overhead you are going to notice is when you actually USE the session
to store/retrieve data. Most of us are using sessions, AFAIK, and for the
most part, it is not crippling our apps anywhere near the point of
researching other ways to mimic sessions.

Of course, the only way to know is, TRY IT. We have no idea how your app
works, how (in)efficient your third party app is at utilizing session, how
many concurrent users you will have, and about 8,000 other variables that
are necessary to answer your question authoritatively.

A

"Evan Nelson" <Ev********@discussions.microsoft.comwrote in message
news:BB**********************************@microsof t.com...

We are running our website on 3 W2K servers using classic ASP and IIS 5.0.
Because the servers are load balanced we don't use the ASP Session object
instead we store session type information to the database. Since we don't
use them, we do not enable Sessions in IIS

We recently purchased a 3rd party application that stores some security
information into the Session object. Since the the package is storing and
retrieving from the session in the same request, I don't believe that I
have
to worry about the session information being lost if all of a user's
requests
are not to the same server. I have tried changing the code to use the
database session that we have and haven't had much luck getting it to
work.
So, I am considering just enabling sessions and setting the session
timeout
to one minute.

Here's my question? What kind of impact will enabling sessions have on
performance? I'm sure that additional memory will be used but is there
any
way to estimate how much. I'm also sure it will slow things down a
little,
but am I talking 1 millisecond per request or something bigger.

Any guidance will be greatly appreciated.

Thanks,

Evan Nelson

Sep 14 '06 #2

This discussion thread is closed

Similar topics