tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: Web server and tomcat - firewall
Date Wed, 07 May 2008 18:14:30 GMT
Andrew Hole wrote:
> HI!
> 
> I don't have perl installed in production servers, but it is windows server
> 2003.

OK, then it is windows error 10054 = Connection reset by peer.

> About mod_jk configuration (mod_jk/1.2.18) :

1.2.18 does not have DisableReuse. It was first implemented in 1.2.19. 
Bad luck. If you upgrade (you should), then go directly to 1.2.26.

> # List the workers name
> worker.list = p1balancer, resumop1
> 
> # ----------------------
> # Load Balancer worker
> # ----------------------
> worker.p1balancer.type= lb
> worker.p1balancer.balanced_workers= p11,p12
> 
> # ----------------
> # First worker
> # ----------------
> worker.p11.port= 8009
> worker.p11.host= 10.202.131.130
> worker.p11.type= ajp13
> 
> 
> # ----------------
> # Second worker
> # ----------------
> worker.p12.port= 8009
> worker.p12.host= 10.202.131.131
> worker.p12.type= ajp13
> 
> 
> 
> # ----------------------
> # Load Balancer worker
> # ----------------------
> worker.resumop1.type= lb
> worker.resumop1.balanced_workers= rp11,rp12
> 
> # ----------------
> # First worker
> # ----------------
> worker.rp11.port= 8007
> worker.rp11.host= 10.202.131.130
> worker.rp11.type= ajp13
> 
> 
> # ----------------
> # Second worker
> # ----------------
> worker.rp12.port= 8007
> worker.rp12.host= 10.202.131.131
> worker.rp12.type= ajp13
> 
> 
> On tomcat side   <Connector port="*8009*" enableLookups="*false*"redirectPort
> ="*8443*" protocol="*AJP/1.3*" />
> 
> Thanks a lot

You should start with reading the (relatively) new docs page about timeouts:

http://tomcat.apache.org/connectors-doc/generic_howto/timeouts.html

They will help detect such a problem and recover more gracefully. 
Especially cping/cpong are helpful in early problem detection.

The pool timeouts should be helpful for closing idle connections, before 
you get a connection drop. Try to understand the page, and if things are 
unclear, ask us.

How do you know, that the firewall is the root cause?

To get a better understanding for the situation, you could compare 
"netstat -an" on the apache httpd side with one on the tomcat side. Look 
only for the relevant ports (8007 resp. 8009) and look for differences 
between the output. There could be small differences for a short period 
of time, but there should be no connections missing or being in a 
different state between the two outputs for a longer time (except for 
TIME_WAIT).

Regards,

Rainer

> On Wed, May 7, 2008 at 2:36 PM, Christopher Schultz <
> chris@christopherschultz.net> wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Rainer,
>>
>> Rainer Jung wrote:
>> |> [Tue May 06 16:24:03 2008] [2704:3128] [error] jk_ajp_common.c
>> |> (951): (p11) can't receive the response message from tomcat,
>> |> network problems or tomcat ( 10.202.131.130:8009) is down
>> |> (errno=54)
>> |
>> | What is errno 54 on your platform?
>>
>> FWIW, errno 54 on my Linux 2.6/glibc 2.6.1 is:
>>
>> "Error 54: Exchange full"
>>
>> ??!
>>
>> - -chris

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message