tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kumar Muthuramalingam <kumarkm...@gmail.com>
Subject Re: sudden increase in tomcat sessions..?
Date Tue, 11 Feb 2014 18:26:16 GMT
Yes I can check those configurations. In the meanwhile I have another
question. Please take a look at the log below.

[11/Feb/2014:12:50:24 -0500] "GET / storyboard /stat/
QueryUpdate.jsp?stats=0&sid=0.40406329182209005 HTTP/1.1" 200 151

[11/Feb/2014:12:50:24 -0500] "GET /storyboard/stat/
QueryUpdate.jsp?stats=0&sid=0.8922158437812004 HTTP/1.1" 200 150

[11/Feb/2014:12:50:24 -0500] "GET / storyboard
/Ping.jsp?sid=0.6657171303118625 HTTP/1.1" 200 4

[11/Feb/2014:12:50:24 -0500] "GET / storyboard
/stat/QueryUpdate.jsp?stats=0&sid=0.9436391119344767 HTTP/1.1" 200 151

[11/Feb/2014:12:50:24 -0500] "GET / storyboard /stat/
QueryUpdate.jsp?stats=0&sid=0.16625583282619777 HTTP/1.1" 200 150
[11/Feb/2014:12:50:24 -0500] "GET / storyboard /stat/
QueryUpdate.jsp?stats=1&sid=0.8878346617799924 HTTP/1.1" 200 249

Here I got a ping request from the loadbalancer. We will be calling this
QueryUpdate page continuously. I want to know whether the load balancer
will ping the index page or the QueryUpdate.jsp page? And my second
question is, a common session is shared by the QueryUpdate before the ping
request. Will this ping will create a new session?

Thanks,
Kumar.


On Tue, Feb 11, 2014 at 12:30 PM, Leon Rosenberg
<rosenberg.leon@gmail.com>wrote:

> Hello Kumar,
>
> can't you just ask your Ops guys to get your the load balancer config?
> That would be much easier as guessing.
>
> Usually you can configure how many samples the load balancer must try to
> get and what is the timeout. For example if the setting is 3 with timeout
> of 15 seconds, 3 requests would be send, and after a total of 45 seconds
> the server would be marked as down and receive no more traffic. But(!) this
> is subject of the specific configuration of your load balancer. So why not
> just get it and check?
>
> regards
> Leon
>
>
> On Tue, Feb 11, 2014 at 5:56 PM, Kumar Muthuramalingam <
> kumarkmmca@gmail.com
> > wrote:
>
> > what I mean is if I am supposed to get a response for that Update.jsp
> file
> > and I didn't get it for a while. Will the load balancer will check for it
> > connectivity? Is there any timeout set for load balancer to get response.
> >
> > Thanks,
> > Kumar.
> >
> >
> > On Tue, Feb 11, 2014 at 8:13 AM, Daniel Mikusa <dmikusa@gopivotal.com
> > >wrote:
> >
> > > On Feb 10, 2014, at 7:22 PM, Kumar Muthuramalingam <
> kumarkmmca@gmail.com
> > >
> > > wrote:
> > >
> > > > Before that can you tell me one thing please. Suppose if a page
> request
> > > > (eg. /UpdateQuery.JSP) is coming from a load balancer to tomcat and
> the
> > > > UpdateQuery.JSP is connected to some third party server. Assume if
> the
> > > > tomcat is not getting any reply from the Query server for some
> seconds.
> > > > Will the load balancer will send ping requests to tomcat to verify
> the
> > > > connection of the application ?
> > >
> > > I've never seen a load balancer that works like that.  Usually they
> just
> > > request a singe resource on a repeating cycle, like every second or
> two.
> >  I
> > > guess it really depends on your load balancer though.
> > >
> > > Dan
> > >
> > > >
> > > > Thanks
> > > > Kumar.
> > > >
> > > >
> > > > On Mon, Feb 10, 2014 at 4:21 PM, Daniel Mikusa <
> dmikusa@gopivotal.com
> > > >wrote:
> > > >
> > > >> On Feb 10, 2014, at 4:07 PM, Kumar Muthuramalingam <
> > > kumarkmmca@gmail.com>
> > > >> wrote:
> > > >>
> > > >>> Yes its the load balancer. and recently I found in the log that
> there
> > > >> was a
> > > >>> memory leak exception while the tomcat server was restarted.The
> > session
> > > >>> increase problem started from this particular date . Could this
be
> a
> > > >> cause
> > > >>> for the tomcat to hang up and DOS occurred?
> > > >>
> > > >> Can you include the message you saw?  Otherwise it's tough to say.
> > > >>
> > > >>> One more question. I see this memory leak exception in only one
> > tomcat
> > > >>> catalina log file. I didn't see this in other servers log file.
One
> > > >> tomcat
> > > >>> can handle 200 sessions. So once if it reaches the limit will
the
> > > >> requests
> > > >>> will get diverted to other available servers so that the server
> > > sessions
> > > >>> also will increase? If so how to find that redirection in log
file.
> > > >>
> > > >> You'd want to look at how your load balancer is setup.  Tomcat just
> > > >> handles the requests that you send to it.  If you want to control
> how
> > > >> requests are delivered to multiple Tomcat servers then you need to
> do
> > > that
> > > >> before the requests hit your Tomcat servers, like with your load
> > > balancer.
> > > >>
> > > >> Dan
> > > >>
> > > >>>
> > > >>> Sorry if I 'm crazy.
> > > >>>
> > > >>> Thanks,
> > > >>> Kumar
> > > >>>
> > > >>>
> > > >>> On Mon, Feb 10, 2014 at 2:19 PM, Daniel Mikusa <
> > dmikusa@gopivotal.com
> > > >>> wrote:
> > > >>>
> > > >>>> On Feb 10, 2014, at 1:59 PM, Kumar Muthuramalingam <
> > > >> kumarkmmca@gmail.com>
> > > >>>> wrote:
> > > >>>>
> > > >>>>> Thanks for the reply. I accept this remedy will clear
the issue.
> > But
> > > my
> > > >>>>> question is how to verify the root cause of this DOS attack
that
> > > >> occurred
> > > >>>>> earlier?
> > > >>>>
> > > >>>> As previously directed, look at your access logs.  That should
> show
> > > you
> > > >>>> who is requesting this JSP file.
> > > >>>>
> > > >>>> If it's your load balancer (or some other trusted IP), then
> problem
> > > >>>> solved.  Just correct the JSP.
> > > >>>>
> > > >>>> If it's a third party then in additional to fixing the JSP,
you'll
> > > >>>> probably want to investigate why they're calling that JSP
so much.
> >  I
> > > >>>> suppose you could even go so far as to blocking them with
your
> > > firewall
> > > >> or
> > > >>>> a filter, but that's up to you.
> > > >>>>
> > > >>>> Dan
> > > >>>>
> > > >>>>> What ever steps suggested above is to take a precaution
or solve
> > > >>>>> the issue. please help me.
> > > >>>>>
> > > >>>>> Thanks,
> > > >>>>> Kumar.
> > > >>>>>
> > > >>>>>
> > > >>>>> On Mon, Feb 10, 2014 at 12:06 PM, Daniel Mikusa <
> > > dmikusa@gopivotal.com
> > > >>>>> wrote:
> > > >>>>>
> > > >>>>>> On Feb 10, 2014, at 11:56 AM, Kumar Muthuramalingam
<
> > > >>>> kumarkmmca@gmail.com>
> > > >>>>>> wrote:
> > > >>>>>>
> > > >>>>>>> Thanks for your reply. I have 3 applications running
under the
> > > tomcat
> > > >>>> and
> > > >>>>>>> only one application got a ping.jsp file others
don't. And
> also I
> > > >> could
> > > >>>>>> see
> > > >>>>>>> from the access logs that only the application
that has got
> > > ping.jsp
> > > >>>> file
> > > >>>>>>> was pinged others were not. And the sessions are
high only for
> > this
> > > >>>>>>> particular application. Now I got something else
in my mind. Is
> > > >>>> ping.jsp
> > > >>>>>> is
> > > >>>>>>> a mandatory file for tomcat. We got nothing in
that ping.jsp.
> It
> > 's
> > > >> an
> > > >>>>>>> empty file with <%="OK"%>.
> > > >>>>>>
> > > >>>>>> Seems like this could be the problem.  This JSP file
is going to
> > > >> create
> > > >>>> a
> > > >>>>>> session every time you "ping" it, since JSP files
will create a
> > > >> session
> > > >>>> by
> > > >>>>>> default.  If you're client, whatever is requesting
this JSP,
> > doesn't
> > > >>>>>> maintain the session then it'll end up creating a
new session
> > every
> > > >>>> time it
> > > >>>>>> requests the JSP page.
> > > >>>>>>
> > > >>>>>> Add this and the JSP won't create a session.
> > > >>>>>>
> > > >>>>>> <%@ page session="false" %>
> > > >>>>>>
> > > >>>>>>> I agree this could be due to DOS attack.
> > > >>>>>>
> > > >>>>>> If so, it would seem to be self inflicted.  Fix your
JSP file
> and
> > I
> > > >> bet
> > > >>>>>> this problem will go away.
> > > >>>>>>
> > > >>>>>> Dan
> > > >>>>>>
> > > >>>>>>> Can we ask our network pupil to
> > > >>>>>>> find if there was a network failure or delay happened.
Can we
> > find
> > > >> that
> > > >>>>>> is
> > > >>>>>>> my another question?
> > > >>>>>>>
> > > >>>>>>> Please help me.
> > > >>>>>>>
> > > >>>>>>> Thanks,
> > > >>>>>>> Kumar.
> > > >>>>>>>
> > > >>>>>>>
> > > >>>>>>> On Mon, Feb 10, 2014 at 11:28 AM, Christopher
Schultz <
> > > >>>>>>> chris@christopherschultz.net> wrote:
> > > >>>>>>>
> > > >>>>>>>> -----BEGIN PGP SIGNED MESSAGE-----
> > > >>>>>>>> Hash: SHA256
> > > >>>>>>>>
> > > >>>>>>>> Kumar,
> > > >>>>>>>>
> > > >>>>>>>> On 2/8/14, 7:08 PM, Kumar Muthuramalingam
wrote:
> > > >>>>>>>>> I 'm using tomcat version 6 and 7. One
day there was a sudden
> > > >>>>>>>>> increase in number of sessions in both
tomcats. And all the
> > > >>>>>>>>> sessions had no username, same lastaccessed
time, same
> created
> > > time
> > > >>>>>>>>> and the inactive time was 00:00:00. It
is not happening
> always
> > > but
> > > >>>>>>>>> it happens some times on some day. Can't
predict. And We have
> > set
> > > >>>>>>>>> the idle timeout as -1 because we have
to.
> > > >>>>>>>>
> > > >>>>>>>> I have a suggestion for this: don't set the
session timeout to
> > -1
> > > >>>>>>>> until the user has successfully authenticated.
> > > >>>>>>>>
> > > >>>>>>>> Sessions can be created at any time, including
before
> > > >> authentication.
> > > >>>>>>>> You could add a Filter that detects sessions
that are
> > > authenticated
> > > >>>>>>>> without the -1 timeout and sets them to that
value.
> > > >>>>>>>>
> > > >>>>>>>> This would allow login-less sessions to expire
naturally while
> > > >>>>>>>> authenticated users would enjoy sessions that
never expire.
> > > >>>>>>>>
> > > >>>>>>>> (Honestly, sessions that never expire is probably
a bad
> idea...
> > > >>>>>>>> clients are disappear at any time and never
come back. At
> least
> > > set
> > > >>>>>>>> the session timeout to something hugely long
like 5 days or
> > > >> something)
> > > >>>>>>>>
> > > >>>>>>>>> When I try to dig the log. It showed that
the load balancer
> IP
> > > was
> > > >>>>>>>>> sending many ping requests to our application.
Can anybody
> tell
> > > why
> > > >>>>>>>>> this is happening and how can I find the
cause?
> > > >>>>>>>>
> > > >>>>>>>> The lb needs to ping your webapp all the time
to see if it's
> up.
> > > >>>>>>>> Perhaps it's using a resource that (stupidly)
always creates a
> > > >> session
> > > >>>>>>>> if one does not exist?
> > > >>>>>>>>
> > > >>>>>>>> - -chris
> > > >>>>>>>> -----BEGIN PGP SIGNATURE-----
> > > >>>>>>>> Version: GnuPG v1
> > > >>>>>>>> Comment: GPGTools - http://gpgtools.org
> > > >>>>>>>> Comment: Using GnuPG with Thunderbird -
> > http://www.enigmail.net/
> > > >>>>>>>>
> > > >>>>>>>>
> iQIcBAEBCAAGBQJS+P4dAAoJEBzwKT+lPKRYmHUP/1JzT1aYbqq3CWq8bzJsEKtX
> > > >>>>>>>>
> LTiNknxXUBmhQE1WZ5J+4f2Pq/7spUD0rOGtkvYyuGw37+ruL0AGJSiEzQ2uA6mD
> > > >>>>>>>>
> rtylt5IzGO4jjW2Yqr4LlDKmXhBr0IDj4+Xz1KT4W7R7XDY6gNIfN1d8CuAAAP0F
> > > >>>>>>>>
> BKSLj3crNEmDur+hd0SH3m+oNKYpgy/xVfvWN2MohBY4rIAPpGvmS9IJDeKaWyHY
> > > >>>>>>>>
> +SZYsyN6bKExWCqaQbObL7ZjHwLhC+hLECEDHFNiZje5dCyKMaALVJYNkaB/jzWw
> > > >>>>>>>>
> ZLv3FNyTpG35hhBM1j760C+37ZkRt34+rER7ZBBEODfgoxQSGb59Fe9uCtX8aVa4
> > > >>>>>>>>
> 9ATxQ8RAqJcMaCgJ6ADTiJhf91MGbPtWJ5ABwqzg8iP650gUcF6RiRWPFdpq1k33
> > > >>>>>>>>
> 6SCGeEwHoIMuzCvnp1EiaxXaDFQ1NUYhCz5fEkAeYmZlgl/SlTHrvhe5lTyMQ179
> > > >>>>>>>>
> CeccAWjrO1UhyJz5bS9pt8l5xzsVAFxlVCk67rLwffAhWxZb6EmrsclTlBaxDyFL
> > > >>>>>>>>
> jx6+UH7SADWi0xaGk3LdBdCWHaJRT5F9StPsAReUP/mPpJVVWR6u9x/V1i4HrZX6
> > > >>>>>>>>
> /06jj3RCUBxGPKMk6OlidZDQj9XcKMR1CuDeq+ItfzXKg8rgj3C5FaZXUsNYCNTV
> > > >>>>>>>> LgJmIZUtom+YKPoikzQB
> > > >>>>>>>> =2HLh
> > > >>>>>>>> -----END PGP SIGNATURE-----
> > > >>>>>>>>
> > > >>>>>>>>
> > > >>
> ---------------------------------------------------------------------
> > > >>>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > >>>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> > > >>>>>>>>
> > > >>>>>>>>
> > > >>>>>>
> > > >>>>>>
> > > >>>>>>
> > > ---------------------------------------------------------------------
> > > >>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > >>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> > > >>>>>>
> > > >>>>>>
> > > >>>>
> > > >>>>
> > > >>>>
> > ---------------------------------------------------------------------
> > > >>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > >>>> For additional commands, e-mail: users-help@tomcat.apache.org
> > > >>>>
> > > >>>>
> > > >>
> > > >>
> > > >>
> ---------------------------------------------------------------------
> > > >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > >> For additional commands, e-mail: users-help@tomcat.apache.org
> > > >>
> > > >>
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > For additional commands, e-mail: users-help@tomcat.apache.org
> > >
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message