[opencms-dev] MySQL, OpenCms and a 3Com Superstack firewall

Martin van den Bemt mvdb at ibl-software.nl
Tue Sep 20 08:57:57 CEST 2005 

You can see if adding the parameter ?autoReconnect=true to the connect url
to mysql. Also tweaking Apache Commons DBCP could help..
See http://jakarta.apache.org/commons/dbcp/configuration.html for options.

Mvgr,
Martin

-----Oorspronkelijk bericht-----
Van: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] Namens Arash Kaffamanesh
Verzonden: maandag 19 september 2005 23:20
Aan: 'The OpenCms mailing list'
Onderwerp: RE: [opencms-dev] MySQL, OpenCms and a 3Com Superstack firewall

Hi Clayton,

The network guys probably wouldn't allow or can't let to keep the connection
alive, as it is a security risk somehow (I don't know myself how to abuse it
:-)). But it must be possible to close the connection after a specifc time,
but I think OpenCms's connection pooling implemenation dosen't support this
setting / feature, that's not a bug, it's a feature :-)

As mentioned before the quick an dirty solution is a croned wget job every
x-minutes.

Cheers,
Arash

-----Original Message-----
From: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] On Behalf Of Corbey, Clayton
Sent: Montag, 19. September 2005 15:22
To: joe at galway.net; The OpenCms mailing list
Subject: RE: [opencms-dev] MySQL, OpenCms and a 3Com Superstack firewall


FYI,

I have confirmed that it is the firewall that is timing out the inactive TCP
connection. Neither the CMS server (in the DMZ), or the MySQL server (in the
LAN) knows about this being killed; a netstat claims the connection is
ESTABLISHED. I am going to talk to my network guys to see if we can't just
allow that connection to stay alive regardless of activity (a trusted
connection or a pervasive; I don't know what it's called!).

Otherwise I have no idea of what else I could do. Any ideas?

-Clayton

-----Original Message-----
From: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] On Behalf Of Joe Desbonnet
Sent: Friday, September 16, 2005 18:30
To: The OpenCms mailing list
Subject: Re: [opencms-dev] MySQL, OpenCms and a 3Com Superstack firewall

My guess is that the TCP connections to the DB are being held open by the
connection pool, but because of the inactivity the firewall is destroying
the connection without either end being aware of this. As an experiment
setup a cron job or other script to run at say 10min intervals that will
cause db activity (eg loading a page). Look at the MySQL logs or tcpdump and
make sure that it's actually generating DB queries and not just being cached
in Tomcat/OpenCms.  Now see if the problem persists.

If that is the problem, I'm not sure what's the best solution. It's possible
that the MySQL JDBC driver has a keepalive option. Or your firewall may have
some configurable option on this.

Joe.


On 9/16/05, Corbey, Clayton <CorbeyC at brandonrha.mb.ca> wrote:
>  
>  
> 
> Help, my firewall hates mysql.
> 
>   
> 
> I've installed OpenCms on our production server in the DMZ and the new

> database was created inside our network on the LAN. I've entered the
rules
> on the firewall to allow port 3306 TCP and UDP to be open from the DMZ
(the
> OpenCms app) to the MySQL 4.1.14 DB. I've confirmed it's open with
'telnet
> DB_SERVER 3306'.
> 
>   
> 
> I fired up Tomcat, and everything worked great. Ran setup, configured
the
> server, displayed our website and was proud!
> 
>   
> 
> Now, after about 10 or 20 minutes or so of inactivity, I can't
connect; not
> to the website OR the admin area of OpenCms. No errors at all.
Nothing,
> absolutely nothing. I've done 'tcpdump port 3306' on both ends and the

> request is being sent from the CMS server in the DMZ, but not received
by
> the DB server on the inside. I know this means that the connection has
been
> lost (ie firewall is eating the request up. Netstat says that I'm
still
> connected, but I'm not so sure. I know Tomcat is fine, b/c I can go
other
> web shares on the server.
> 
>   
> 
> Why would everything work initially but after a period of inactivity
it
> fails with NO ERROR!??!?!?!?!
> 
> WHAT CAN I DO????!?!??!
> 
>   
> 
> Somebody help.
> 
>   
> 
> -Clayton
> 
>   
> 
> CONFIDENTIALITY NOTICE:  This message is intended only for the use of
the
> individual or entity to which it is addressed and may contain
information
> that is privileged, confidential and exempt from disclosure under
applicable
> law.  If the reader of this message is not the intended recipient you
are
> hereby notified that any distribution, copying, disclosure and use of,
or
> reliance on the contents of this transmission is strictly prohibited.
If
> you have received this transmission in error, please notify us
immediately
> by return e-mail and destroy the transmission by deleting the original

> message, attachments and all copies.
>  
> 
> 
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list To change 
> your list options, or to unsubscribe from the list, please
visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
> 
>


_______________________________________________
This mail is send to you from the opencms-dev mailing list To change your
list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev


_______________________________________________
This mail is send to you from the opencms-dev mailing list To change your
list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev



_______________________________________________
This mail is send to you from the opencms-dev mailing list To change your
list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev

More information about the opencms-dev mailing list