[opencms-dev] MySQL, OpenCms and a 3Com Superstack firewall

Joe Desbonnet jdesbonnet at gmail.com
Sat Sep 17 01:29:39 CEST 2005 

My guess is that the TCP connections to the DB are being held open by
the connection pool, but because of the inactivity the firewall is
destroying the connection without either end being aware of this. As
an experiment setup a cron job or other script to run at say 10min
intervals that will cause db activity (eg loading a page). Look at the
MySQL logs or tcpdump and make sure that it's actually generating DB
queries and not just being cached in Tomcat/OpenCms.  Now see if the
problem persists.

If that is the problem, I'm not sure what's the best solution. It's
possible that the MySQL JDBC driver has a keepalive option. Or your
firewall may have some configurable option on this.

Joe.


On 9/16/05, Corbey, Clayton <CorbeyC at brandonrha.mb.ca> wrote:
>  
>  
> 
> Help, my firewall hates mysql. 
> 
>   
> 
> I've installed OpenCms on our production server in the DMZ and the new
> database was created inside our network on the LAN. I've entered the rules
> on the firewall to allow port 3306 TCP and UDP to be open from the DMZ (the
> OpenCms app) to the MySQL 4.1.14 DB. I've confirmed it's open with 'telnet
> DB_SERVER 3306'. 
> 
>   
> 
> I fired up Tomcat, and everything worked great. Ran setup, configured the
> server, displayed our website and was proud! 
> 
>   
> 
> Now, after about 10 or 20 minutes or so of inactivity, I can't connect; not
> to the website OR the admin area of OpenCms. No errors at all. Nothing,
> absolutely nothing. I've done 'tcpdump port 3306' on both ends and the
> request is being sent from the CMS server in the DMZ, but not received by
> the DB server on the inside. I know this means that the connection has been
> lost (ie firewall is eating the request up. Netstat says that I'm still
> connected, but I'm not so sure. I know Tomcat is fine, b/c I can go other
> web shares on the server. 
> 
>   
> 
> Why would everything work initially but after a period of inactivity it
> fails with NO ERROR!??!?!?!?! 
> 
> WHAT CAN I DO????!?!??! 
> 
>   
> 
> Somebody help. 
> 
>   
> 
> -Clayton 
> 
>   
> 
> CONFIDENTIALITY NOTICE:  This message is intended only for the use of the
> individual or entity to which it is addressed and may contain information
> that is privileged, confidential and exempt from disclosure under applicable
> law.  If the reader of this message is not the intended recipient you are
> hereby notified that any distribution, copying, disclosure and use of, or
> reliance on the contents of this transmission is strictly prohibited.  If
> you have received this transmission in error, please notify us immediately
> by return e-mail and destroy the transmission by deleting the original
> message, attachments and all copies.
>  
> 
> 
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
> 
>

More information about the opencms-dev mailing list