2009

Optimizing Proxy Server White Paper

by George Coutsoumbidis

10/12/2009
 Optimizing Proxy Server White Paper 2009
Optimizing Proxy Server Performance

In order to optimize server performance for whatsoever reason, you need to start by monitoring the
server. In most cases, before server monitoring commences, it is common practice to establish baseline
performance metrics for the specific server. Baseline performance metrics are established by measuring
the performance of a particular server under various conditions, at different times of the day, week, and
month, and when the hardware and software configuration changes. Based on the baseline metrics which
you define for the server, you would need to optimize the server when performance of the server by far
exceeds your baseline metrics.

It is recommended to formulate a thorough server monitoring plan once you have established your
baseline performance metrics for a specific server.

A few elements that should be incorporated into a server monitoring plan are:

• Identify those server events which should be monitored.

• Determine and set up monitors and alerts to inspect the events.
• Determine whether filters are necessary to reduce the quantity of monitoring information which
you want to collect and then configure any necessary filters.
• Establish a logging strategy to log event data that should be analyzed. Alternatively, you can
monitor and analyze server activity when it occurs.
• View and analyze data collected by events in the Performance console.

Another key component to monitoring server performance is to identify bottlenecks. A bottleneck can be
described as a condition which is created by a particular resource which in turn prevents other resources
from operating optimally.

Bottlenecks occur when:

• Certain settings are not configured correctly.

• A resource is faulty and not functioning as it should be.
• Insufficient resources exist, and a resource is being overused.
• Where many instances of the same particular resource exist, the resources may not be handling
load equally or efficiently.
• A particular application(s) is hogging a resource.

The techniques that you can use to optimize Proxy Server performance are listed here:

• Caching Web content improves performance. Cached information is accessed by users from a
location on the Local Area Network (LAN). This means that bandwidth utilization to the Internet
ends up being lowered because cached information does not need to be downloaded from the
Internet. All of this leads to an improvement in the service experienced by users.
• Proxy Server also provides a feature called proxy arrays. A proxy array is a solution whereby one
or multiple proxy servers operate as a single cache for client requests. Benefits provided by the
proxy array feature include scalable performance, and fault tolerance.
• Network Load Balancing (NLB) can be used to distribute the processing load of inbound traffic
over multiple proxy servers. This leads to high availability and performance optimization.
• Round Robin DNS can also be used to load balance inbound traffic across multiple proxy servers,
thereby also providing high availability and performance optimization.

Technical White Paper – by George Coutsoumbidis Page 2

 Optimizing Proxy Server White Paper 2009
The advantages of using proxy arrays as a Proxy Server optimization method are listed here:

• Because Web content is cached over multiple servers, no single server hosts all Web content.
• If one server in the proxy array fails, failover is immediately provided.
• Additional fault tolerance is provided for the client.

The advantages of using Network Load Balancing (NLB) as a Proxy Server optimization
method are listed here:

• You can add or remove proxy servers residing in the NLB cluster.
• Load balancing occurs dynamically over all proxy servers residing in the NLB cluster.
• Because load balancing and the addition or removal of proxy servers occurs dynamically,
availability and performance is improved.
• The NLB cluster is automatically reconfigured when a proxy server happens to fail.

The advantages of using Round Robin DNS as a Proxy Server optimization method are listed
here:

• Load balancing is performed on all proxy servers in the round robin DNS.
• Round Robin DNS can operate on all operating system platforms.
• Performance is improved because traffic is basically load balanced over all proxy servers.

If you need to provide the highest possible level of server availability for your Proxy Server
implementation, you should use Microsoft Windows Clustering.
Using Microsoft Windows Clustering provides the following benefits for your Proxy Server implementation:

• The proxy servers all share a common cache.

• If a server in the proxy array fails, failover is immediately provided.
• Because the cache does not need to be built again when a server fails, restore occurs quite
faster.

The following techniques can be used to optimize Internet access and reduce Internet
traffic:

• Use one of the Proxy Server caching methods to optimize Internet access: With passive caching,
Proxy Server stores objects in the Proxy Server cache with each object obtaining a Time To Live
(TTL) value. Before Proxy Server forwards requests to the Internet, it first checks the Proxy
Server cache to determine if the request can be serviced from there. When the Proxy Server
cache becomes full, Proxy Server removes objects from the cache, based on a combination of
factors: object size, object age, and object popularity

The advantages of using passive caching in your Proxy Server implementation are:

o The Internet connection is only initiated when users need to access the Internet.
o No activity occurs when users are not accessing the Internet.

With active Caching, Proxy Server automatically generates requests for specific objects in the Proxy
Server cache so that frequently requested objects remain cached. Proxy Server determines which objects
should be flagged for active caching by considering object popularity, Time To Live (TTL) value of
objects, and server load to determine the level of active caching performed.
The advantages of using active caching in your Proxy Server implementation are:

Technical White Paper – by George Coutsoumbidis Page 3

 Optimizing Proxy Server White Paper 2009
oProcessor overhead is reduced.
oInternet traffic is reduced during times of peak utilization.
• To reduce Internet traffic:
o Reduce the occurrence of Proxy Server having to connect to the Internet. This is done by
enabling the active caching feature.
o Increase the Proxy Server cache size so that more information can be stored in the
cache, and therefore obtained from the cache.
o Increase the Time To Live (TTL) value of cached information.
o Try to reduce the utilization of WinSock Proxy and Socks Proxy applications.

Monitoring Proxy Server Components

The various components to track when monitoring Proxy Server are listed here:

• Monitoring of the CPU should be included when monitoring Proxy Server, even though Proxy
Server does not really intensively utilize CPU resources.
• A component that should be monitored when monitoring Proxy Server performance is memory
usage.
• Another typical component monitored when monitoring system performance is disk performance.
Hard disk performance is especially important when a large quantity of information is going to be
cached.
• Network Monitor can be used to monitor bandwidth usage. Performance is negatively impacted
when existing network traffic surpasses LAN bandwidth or WAN bandwidth.
• The Proxy Server cache should also be monitored. You can increase the size of the cache to store
more objects. You should though regularly monitor the cache to ensure that the most appropriate
size is configured for the cache.

A few strategies which you can implement to ensure that disk performance copes with
caching large volumes of information are listed here:

• Use high performing drive controllers

• Use a dedicated hard disk
• Use a stripe set
• Use hardware based RAID to optimize throughput

How to configure the Proxy Server caching

You can use the Internet Service Manager to configure caching for the Web Proxy service.

1. Click Start, click Programs, click Microsoft Proxy Server, and then click Internet Service Manager.
2. Double-click the Web Proxy service.
3. The Web Proxy Service Properties dialog box is displayed.
4. Click the Caching tab.
5. To configure passive caching, select the Enable caching checkbox and select between the
following options:

• If you want to ensure that the cache has the most recent data, select the Updates are
more important (more update checks) option. Bear in mind though that Proxy Server will
initiate more traffic to the Internet to ensure that the cached information is the most
recent.

Technical White Paper – by George Coutsoumbidis Page 4

 Optimizing Proxy Server White Paper 2009
• If you want the recentness of the cached information and the performance of the proxy
server to have equal importance, select the Equal importance option.
• If you want to provide the best possible user response time, select the Fewer network
accesses are more important (more cache hits) option.

6. To configure active caching, select the Enable active caching checkbox and select between the
following options:

• If you want to provide the best possible user response time, select the Faster user
response is more important (more pre-fetching) option.
• If you want the recentness of the cache information and the performance of the proxy
server to have equal importance, select the Equal importance option.
• If you want to minimize Internet traffic, select the Fewer network accesses are more
important(less pre-fetching) option.

How to configure advanced caching options to enhance Proxy Server cache performance

1. Open Internet Service Manager.

2. Double-click the Web Proxy service.
3. The Web Proxy Service Properties dialog box is displayed.
4. Click the Caching tab.
5. Click the Advanced button.
6. The Advanced Caching Policy dialog box opens.
7. You can limit the size of cached objects here. All objects that exceed the size which you define
are not cached.
8. For cases where an expired object in the cache cannot be updated due to the Web site not being
accessible, you can configure the time duration for which these expired objects can still be
utilized.
9. You can specify the Time To Live (TTL) value for HTTP objects and for FTP objects.
10. You can also configure cache filters which define whether objects should be/should not be
cached from certain Internet sites.

Monitoring Proxy Server Performance Counters

Performance objects and counters are installed when you install Proxy Server.

The general default Proxy Server performance counters installed are listed here:

• %Processor Time; can be used to isolate issues with Proxy Server processing. The counter tracks
the time utilized by the Inetinfo process and the WSPSRV process.
• Active Sessions; can be used to track usage of the proxy server.
• Cache Hit Ratio; can be used to track the efficiency of the Proxy Server cache. The counter
specifies the quantity of requests being serviced by the cache.
• Requests/sec; tracks the rate of incoming requests to the Web Proxy server.
• Current Average Milliseconds/request; indicates the time needed to process a request.

The main counters for monitoring Web Proxy service performance are:

• Sites denied; can be used to determine whether access restrictions specified in your filters are
defined correctly. You can use this counter to determine whether or not too many sites are being
blocked.

Technical White Paper – by George Coutsoumbidis Page 5

 Optimizing Proxy Server White Paper 2009
• Sites granted; this counter should be used with the Sites denied counter to determine whether
access restrictions specified in your filters are defined correctly.
• Total users; shows the total number of users that have accessed and used this server to this
current date.
• Current users; shows the number of users that are at this moment using the server.
• Maximum users; the counter shows the maximum number of users that have concurrently used
the server.
• Inet bytes total/sec; the counter indicates the processing that have occurred between the server
and the Internet.

The main counters used for monitoring Web Proxy service cache performance are:

• Bytes in cache; the counter shows the size of the data currently stored in the cache. You would
possibly have to increase the size of the cache when this counter starts moving close to the
maximum cache size.
• Max bytes cached; shows the maximum number of bytes which have been stored in the Proxy
Server cache.
• Active refresh bytes rate; this counter can be used to determine whether active caching should
be increased/decreased.

How to set counters to track Proxy Server cache usage

1. Open Performance Monitor.

2. Click the View menu item, and then click Report.
3. Click the Edit menu item, and then click Add to Report.
4. Select Web Proxy Server Cache as the performance object.
5. Select the URLs in Cache counter, the Total URLs Cached counter, and the Total URLs Retrieved
counter as the counters to track, and then click Add.
6. Click Done, and then close Performance Monitor.

How to view Web Proxy activity

1. Open Performance Monitor.

2. Click the View menu item, and then click Report.
3. Click the Edit menu item, and then click Add to Chart.
4. Select HTTP Service as the performance object.
5. Select the Current Connections counter, the Maximum Connections counter, and the Connection
Attempts counter as the counters to track and then click Add.
6. Select Web Proxy Server Cache as the performance object.
7. Select the Current users counter, the Maximum users counter, the Http Requests counter, and
the Total Requests counter as the counters to track and then click Add.
8. Click Done, and then close Performance Monitor.

How to verify current Proxy Server user sessions

1. Establish a connection to the Internet from a client computer.

2. Open Internet Service Manager.
3. Double-click Web Proxy service to access its properties.
4. The Web Proxy Service Properties dialog box opens.
5. Click the Current Sessions button on the Service tab.
6. Check whether there is a current user session for the client.

Technical White Paper – by George Coutsoumbidis Page 6

 Optimizing Proxy Server White Paper 2009
Proxy Server Logging

You can enable and configure Proxy Server logging to track Proxy Server performance and Internet
usage. Proxy Server logging is enabled on the Logging tab of the Proxy Server service that you want to
configure it for.

Before enabling Proxy Server logging for a Proxy Server service, you should plan your
logging strategy:

• Determine what aspect of Proxy Server performance you want to monitor.

• Determine what Internet usage activities you want to monitor.
• Determine how logged information is going to be analyzed. Logged files can be saved to a:
• Text file
• Database
• Determine how Proxy Server computers should be configured after logged information is
analyzed.

If you want to track Proxy Server performance issues, you should monitor the following
components:

• The processing performed by Proxy Server.

• Items being cached.
• Items not being cached.
• The size of the Proxy Server cache.
• Active caching.
• The data transmitted via Proxy Server.

To enable logging for a Proxy Server service, you have to access the Properties sheet of that particular
service through Internet Service Manager, click the Logging tab, and then select the Enable logging
using…checkbox. You then have to choose the logging format to use. The logging format that you choose
determines what logging fields are recorded.

You can choose between the following logging formats:

• Regular: This is default format specified. Here, only a portion of the information that can be
loggedis logged:
• Client machine name
• Client user name
• Destination name
• Destination port
• Log date
• Log time
• Object name
• Object source
• Protocol name
• Result code
• Service name
• Verbose: Here, all the information that can be logged is logged:
• Authentication status
• Bytes received
• Bytes sent

Technical White Paper – by George Coutsoumbidis Page 7

 Optimizing Proxy Server White Paper 2009
• Client agent
• Client machine name
• Client platform
• Client user name
• Destination address
• Destination name
• Destination port
• Log date
• Log time
• Object MIME
• Object name
• Object source
• Operation
• Processing time
• Protocol name
• Proxy name
• Referring server name
• Result code
• Service name
• Transport

As mentioned previously, you can log Proxy Server activity to either a text file or to a database. The
default logging method enabled when Proxy Server is installed is logging to a text file. When logged data
is recorded to a text file, you can view the logged information using either of the following methods:

• Text editor
• Export the log files to either a spreadsheet or a database.

When the Log To File logging method is chosen, you can specify the following configuration
parameters on the Logging tab:

• If you want a new log file opened rather than using the same log file all the time, you can select
the Automatically open new log checkbox, and then choose when the new log file should be
created. The existing log file is archived when the interval is reached, and a new log file is
created for logging data.
• Daily, Weekly, Monthly options: Used in conjunction with the automatically open new log
checkbox. Select between these options to specify when a new log file should be created.
• You can enable the Limit number of old logs to checkbox to set how many log files are stored.
When not selected, an infinite number of log files are stored.
• When the Stop service if disk full checkbox is selected, and the hard disk runs out of capacity to
store any further logs, you have to first remove files on the hard disk in order to restart the Proxy
Server service.
• You can use the Log file directory textbox and the accompanying Browse button to specify the
location where log files are saved.

When the Log To Database logging method is chosen, you have to provide the following
configuration parameters on the Logging tab:

• ODBC Data Source Name (DSN) textbox; provide the ODBC DSN for the database to which
information will be logged.

Technical White Paper – by George Coutsoumbidis Page 8

 Optimizing Proxy Server White Paper 2009
• Table textbox; provide the specific table name in the database to which information will be
logged.
• User name textbox; provide a user name for the table.
• Password textbox; provide the appropriate password.

Tools for Troubleshooting Proxy Server

There are a number of tools and command-line utilities that you can use to monitor and troubleshoot
Proxy Server issues.

When you install Proxy Server, performance objects and counters are also installed for Proxy Server. You
can use Performance Monitor to view and monitor real-time performance data, choose which data you
want to collect by selecting between various objects and counters, monitor processes and components
that you want to optimize, plan for upgrades, and for troubleshooting purposes. You can also select the
format or view in which you want to examine collected data.

To open Performance Monitor,

1. Click Start, click Programs, click Microsoft Proxy Server, and then click Monitor Microsoft Proxy
Server Performance.

Event Viewer is used to monitor events that took place on a computer. Event Viewer stores events that
are logged in a system log, application log, and security log. The system log contains events that are
associated with the operating system. The application log stores events that pertain to applications
running on the computer. Events that are associated with auditing activities are logged in the security
log. This makes Event Viewer a good mechanism to monitor for, and troubleshoot problems.

Proxy Server errors are written to the system log and to the application log. When you double-click on a
particular event, the description on the Event Properties tab of the Properties dialog box is displayed. This
provides a detailed description of the event. You can save event descriptions as binary data files if you
want to keep them.

The Event Header and Event Description hold important information on the event that you are examining.
The information recorded in the Event Header is described below:

• Type; indicates the severity of the event. Events are classified according to Information, Warning,
Error, Success Audit, and Failure Audit
• Date and Time; indicates the date and time that the event took place
• Source; the software that logged the event. It could be a program name, operating system
component, or driver
• Category indicates the manner in which the event source categorized the event.
• User; if relevant, this is the name of the user that the event is associated with.
• Event; the event number that indicates the type of event that was generated
• Computer; the name of the computer on which the event occurred

You can use Network Monitor to monitor and log network activity as it occurs on the network. You can
also use the information obtained from Network Monitor to optimize network traffic. Network Monitor
stems directly from the Windows NT Network Monitor.

The key administration tasks which you can perform using Network Monitor are summarized below:

Technical White Paper – by George Coutsoumbidis Page 9

 Optimizing Proxy Server White Paper 2009
• You can capture frames directly from the network which you are monitoring.
• You can configure capture filters to specify the type of information which should be captured by
Network Monitor.
• You can view captured frames immediately once the capture is complete, or at some later stage.
• You can filter captured frames by creating display filters. This allows you to find specific
information in a capture.
• You can create triggers if you want certain actions performed when the content of a packet(s)
match a predefined condition.
• You can edit captured frames and pass them on.
• You can capture frames from a remote computer.

The command-line utilities which you can use to troubleshoot Proxy Server issues are:

• Arp; for viewing the Address Resolution Protocol (ARP) table entries on the local computer.
• Hostname; for checking the current host name details.
• Ipconfig; to determine the current TCP/IP configuration settings and to modify existing TCP/IP
configuration settings.
• Nbtstat; to determine the current state of NetBIOS over TCP/IP connections and change the
contents of the LMHOSTS cache.
• Netstat; to determine the current state of TCP/IP connections and to view protocol statistical
information.
• Nslookup; queries Internet domain name servers for information on operating system, domain
host aliases and services, and to view domain name server records.
• Ping; to verify TCP/IP configuration and connectivity.
• Route; to view the IP route table and modify its content.
• Tracert; to verify a route to a remote system.

Troubleshooting Common Proxy Server server-end issues

The common Proxy Server server-end issues that occur are:

• Proxy Server server setup issues

• Web Proxy service and Web Proxy cache issues
• WinSock Proxy service issues
• Socks Proxy service issues
• Proxy Server array problems
• Packet filtering issues

When you install Proxy Server, Setup records events to the locations listed below. These logs provide a
good source of information for any issues that may arise when Proxy Server is installed in a computer:

• Event Viewer
• A log file called Mpssetup.log

To avoid external network adapter card issues;

• Verify that you have the proper configuration parameters by checking this information with your
specific Internet Service Provider (ISP). The information which you need to verify is listed here:
• IP address
• Subnet mask
• Default gateway

Technical White Paper – by George Coutsoumbidis Page 10

 Optimizing Proxy Server White Paper 2009
• For DNS servers used in name resolution, the DNS domain name and DNS server’s IP
address(es).
• The computer on which you install Proxy Server must only have one IP default gateway and it
should be configured on the external network adapter card.
• Ensure that the external network interface is not specified in the Local Address Table (LAT).

To avoid Proxy Server cache setup issues;

• You should use an NTFS formatted partition to store the Proxy Server cache.
• To enable Proxy Server caching, the following process has to be used:
1. Stop the Web Proxy service.
2. Enable Proxy Server caching.
3. Configure the size for the Proxy Server cache.
4. Save all configuration changes.
5. Restart the Web Proxy service.

A few common Web Proxy service and Web Proxy cache issues are listed here:

• Because the Web Proxy service and the WWW service are tightly integrated, issues occur when
you attempt to make configuration changes and one of these services is still running. For
instance, you will receive an error message if you try to make configuration changes to the home
folder properties for the WWW service while the Web Proxy service is running. After Proxy Server
is installed, and you start or stop the Web Proxy service or the WWW service, the other service is
also started or stopped.
• When you experience password issues, remember that the password authentication defined in
the Properties sheet of the WWW service is utilized by Proxy Server to authenticate Web Proxy
clients.
• If you have experience cache issues, use chkdsk at the command prompt to check whether the
issue is not hard disk related.
• If you persistently experience Web Proxy cache issues and the issue is not hard disk related, stop
the Web Proxy service and then select the Reset Defaults option on the Caching tab. Reinstall the
Web Proxy service and check whether the issue persists.
• Your last option would be to run the Proxy Server Setup program and use the Reinstall option.
1. On the Proxy Server installation CD, proceed to run Setup.
2. Click Reinstall on the Setup screen.
3. Follow the instructions displayed to restore Proxy Server settings/files.

A few common WinSock Proxy service issues are listed here:

• Using third party TCP/IP implementations can cause errors, simply because Proxy Server has not
been tested for these types of implementations.
• Because the Administrator user logon account is the only account able to access ports by default,
you may encounter issues when attempting to access different protocols. To solve this issue;
• Verify that the IP address of the user’s computer is specified in the Local Address Table
(LAT).
• Verify that the user has permission to access the protocol. You can verify this in Internet
Service Manager.
• Verify that protocol is specified in Internet Service Manager.
• Ensure that the IP address of an internal DNS server is specified in the Local Address Table (LAT)
configured when you run the Proxy Server Setup program.

Technical White Paper – by George Coutsoumbidis Page 11

 Optimizing Proxy Server White Paper 2009
A few common Socks Proxy service issues are listed here:

• Because the Socks Proxy service and the Web Proxy service are integrated, stopping the Web
Proxy service also results in the Socks Proxy service stopping. If the Socks Proxy service is not
running, check whether another administrator has disabled the Socks Proxy service through the
registry.
• If packet filtering is enabled, and you have not enabled dynamic filtering, your SOCKS clients
might experience issues to establish connectivity with the Proxy Server.
• Remember that all requests are not permitted by default.
• The first rule which matches a request is used to determine whether the request should be
permitted or denied. Requests that match no defined rules are dropped.
• It is recommended that you utilize the WinSock Proxy service if you are working in a Windows
environment, and especially if you are not knowledgeable on how SOCKS works.

A few common Proxy Server array issues are listed here:

• A common Proxy Server array configuration issue is configuration conflicts occurring. To avoid
array configuration conflicts, it is recommended that you manage one array member at any given
time.
• The recommended array size is no more than 20 Proxy Server computers.
• It is recommended that you utilize user accounts in the domain for proxy arrays. The local user
account should not be utilized.
• To verify the status of a proxy array;
1. Open Internet Service Manager.
2. Double-click the Web Proxy service to display its Properties dialog box.
3. The Web Proxy Service Properties dialog box opens.
4. In the Shared services area of the Service tab, click the Array button.
5. The Array dialog box opens.
6. Verify that the name of the array members is listed in this dialog box.
7. Click OK.

Troubleshooting Common Proxy Server client-end issues

The common Web Proxy client issues encountered are summarized here:

• A few common event messages encountered by Web Proxy clients are listed below. These
messages are sent by the IIS service and can occur with Web Proxy connections to the WWW
service, FTP service, or Gopher service:
• Access is denied; returned by the WWW service when a security issue or permission
issue occurs.
• A connection with the server could not be established; returned by WWW service, FTP
service, or Gopher service when the server for the connection is unavailable.
• Operation timed out; returned by WWW service, FTP service, or Gopher service when the
server failed to respond within the specified time period.
• Server returned an invalid or unrecognized response; returned by the WWW service
when the HTTP request could not be interpreted.
• To provide client access, the TCP/IP protocol or IPX protocol has to be enabled and configured
correctly.
• The C:\Mpcsetup.log file is installed by Proxy Server Setup on the client computer. Use the
information in this file when troubleshooting Web Proxy client setup specific issues. The
Mspclnt.ini file can also be used to troubleshoot Web Proxy client problems.

Technical White Paper – by George Coutsoumbidis Page 12

 Optimizing Proxy Server White Paper 2009
The common WinSock Proxy client errors encountered are summarized here:

• For WinSock Proxy client Setup issues;

• Verify that the WinSock Proxy client was not disabled in WSP Client in the Control Panel
utility.
• Verify that the proper configuration information is in the System.ini file.
• Verify that only one copy of the Winsock.dll exists. The Winsock.dll should be in the
\Windows directory.
• If you have an issue with applications that cannot reach an internal subnet address, check that
the LAT contains all the necessary internal subnet addresses.
• Remember that WinSock Proxy supports passive FTP connections and PASV FTP connections.

A guideline for troubleshooting Proxy Server client issues follows:

• Verify that connectivity exists between Proxy Server and the ISP you are using.
• Check whether any of the Proxy Server services or the IIS service was stopped by another
administrator.
• Verify that the LAT contains all the necessary IP addresses.
• Check the logged information in Event Viewer.
• Attempt to access the Internet from the Proxy Server computer using Administrator account
credentials.
• Attempt to access the Internet from the Proxy Server computer or client workstation using the
security credentials of the user.
• On the client, verify the following:
• Check that the proper protocol is being used.
• Check that the IP address is correct.
• Check that the proxy server configuration settings are specified correctly.
• Attempt to ping the proxy server from the client.
• Attempt to access the Internet.

Technical White Paper – by George Coutsoumbidis Page 13