shylaja kokoori created KAFKA-13418:
---------------------------------------
Summary: Brokers disconnect intermittently with TLS1.3
Key: KAFKA-13418
URL: https://issues.apache.org/jira/browse/KAFKA-13418
Project: Kafka
Issue Type: Bug
Components: clients
Affects Versions: 2.8.0
Reporter: shylaja kokoori
Using TLS1.3 (with JDK11) is causing a regression and an increase in
inter-broker p99 latency, as mentioned by Yiming in
[Kafka-9320|https://issues.apache.org/jira/browse/KAFKA-9320?focusedCommentId=17401818&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17401818].
We tested this with Kafka 2.8.
The issue seems to be because of a renegotiation exception being thrown by
{code:java}
read(ByteBuffer dst)
{code}
&
{code:java}
write(ByteBuffer src)
{code}
in
_clients/src/main/java/org/apache/kafka/common/network/SslTransportLayer.java_
This exception is causing the connection to close between the brokers before
read/write is completed. In our internal experiments we have seen the p99
latency stabilize when we remove this exception.
Given that TLS1.3 does not support renegotiation, I would like to make it
applicable just for TLS1.2.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
