Hi, Recently we have deployed Sequoia into a new data center with the following configuration.
2 controllers, 2 backends per conntroller. Web application access Sequoia controller via ASA, allowing port 25322 TCP/UDP. Controllers access Postgresql Database via ASA, allowing port 5432. Default on ASA connection timeout is 60 minutes. Webapps --> ASA Allow 25322 TCP/UDP --> Sequoia Sequoia --> ASA Allow 5432 TCP --> Postgresql We get the following error messages ASA log May 16 12:33:17 XXXXX Deny TCP (no connection) from LAPP1/49838 to LDB1/5432 flags PSH ACK on interface XXX_XXX cluster.log 2008-05-16 12:33:19,431 INFO Database backend XXXX.ldb1 is now in state disabled 2008-05-16 12:33:20,574 ERROR Disabling backend ldb1 because it is no more in sync full_cluster.log 2008-05-16 12:33:20,574 ERROR backend.DatabaseBackend.ldb1 Request 'update XXXXXXXXXXXXXXXXXX = ...' failed on backend ldb1 but 1 succeeded (org.continuent.sequoia.common.exceptions.BadConnectionException: An I/O error occured while sending to the backend.) As I am not an expert with JDBC connections, and how Sequoia uses the Postgresql JDBC connections to the backends, how can we specify it to use keepalives, or is this by default? I have read that Postgresql jdbc keepalive is off by default, referring to postgresql-jdbc-8.3-603 http://archives.postgresql.org/pgsql-jdbc/2008-02/msg00037.php Another interesting point, during the fail May 16 12:33:19 XXXXX : Deny icmp src XXXX:LAPP1 dst XXXXX:LDB1 (type 3, code 10) by access-group "XXXXXXX" [0x0, 0x0] It appears this is coming from our controller and sending to our database, the ASA is dropping this as only port 5432 TCP is allowed, no ICMP. What is it sending ICMP for, i realise this "port unreachable" code, is this a side affect of Sequoia loosing sync with the backend? Versions Sequoia 2.10.10 Postgresql 8.3.1 postgresql-8.2-504.jdbc3.jar (should probably upgrade to 8.3) ASA lastest code Regards, Stuart James _______________________________________________ Sequoia mailing list [email protected] https://forge.continuent.org/mailman/listinfo/sequoia
