On 17/02/2023 07:53, Patkar Omkar Anant wrote:
Hi Mark Thomas,
Few queries from my side.
1) You have indicated it could be false positive ? But how do we confirm that ?
Also, Its not just a warning, the requests are not processed any more.
The bug referenced in the error message affects particular versions of
the Linux kernel. The bug was fixed in Linux kernel 5.10-rc6. You have
updated to 6.0.9 so you will no longer be seeing the bug.
The way Tomcat detects the bug in 9.0.58 is susceptible to false
positives. See bug 65776 for details. If you continue to see the error
message with a fixed Linux kernel then the most likely explanation is
that you are seeing false positives.
2) "To be clear, no further requests can be served from the external application but
internal clients can continue?" ---> Yes. For requests coming from internal clients
there is no issue, Tomcat allows to process such requests. But, if it stops randomly for
requests coming from external client, it will continue to stop unless tomcat is restarted.
That is interesting but we need more information to figure out what it
means.
3) "you need to upgrade as the detection got a lot better in 9.0.59 onwards."
----> does it mean, it will output more information or the issue will get solved ?
It means that the issue with false positives (bug 65776) has been
resolved so if you see this error message with Tomcat 9.0.59 onwards it
is likely you are affected by the Linux bug.
4) " Do internal and external requests go to the same connector?" ----> I think
yes.... but to confirm, let me know steps I shall follow them to confirm.
For internal and external requests to go to a different connector, there
will need to be at least two Connectors defined in server.xml. Please
provide all the Connector elements from server.xml, replacing any
passwords etc with xxx.
For the internal and external clients to be using the same Connector
they must be connecting to the same host and port (but depending on
Connector and configuration it may be possible for them to be using
different IP addresses). Please provide the host name(s) and port(s) the
internal and external clients are connecting to.
The firewall may also be relevant. What OSI layer is it operating at? Is
a reverse proxy in use at all?
Once the external clients start to fail, do you see a duplicate accept
error message in the logs for every attempt the external clients make?
Or is there just one error message and all subsequent external requests
fail without further messages in the logs?
When the external requests are failing, capture a thread dump and
provide that.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
