Issue Details (XML | Word | Printable)

Key: JAMES-679
Type: Improvement Improvement
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Stefano Bagnara
Reporter: Stefano Bagnara
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
JAMES Server

Make sure our container use an expiration for cached dns data

Created: 08/Nov/06 12:36 PM   Updated: 21/Nov/07 08:31 AM
Return to search
Component/s: None
Affects Version/s: 2.3.0
Fix Version/s: 2.3.1

Time Tracking:
Not Specified

Issue Links:
Reference
 

Resolution Date: 06/Feb/07 10:58 AM


 Description  « Hide
Noel J. Bergman wrote:
> Stefano Bagnara wrote:
>> but it could happen (or maybe it already happen) that some third party
>> library we use still make use of InetAddress "flawed" methods, and the
>> above property would save us from the possible OutOfMemory because of
>> the unbounded cache.
>
> Perhaps, but I would rather vet the code, and be more careful about what we use. Now that we know one of the things to look for carefully, we can avoid it. The better solution is to avoid the problem, not mask it.
>
> --- Noel

I agree: we avoid it in trunk because of this.

About the "not masking" I think that even if we solved it we should better add the property because our users could easily make our mistakes and use InetAddress in their mailets. The fact that DNSServer is not part of the mailet apis incentivate them to use InetAdress and not the James Server specific service.

So I think we should really add the ttl property.

Either "-Dsun.net.inetaddr.ttl=10" in the command line or
java.security.Security.setProperty("networkaddress.cache.ttl" , "10");
Should work.

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Repository Revision Date User Message
ASF #473041 Thu Nov 09 19:33:53 UTC 2006 bago Make sure our container use an expiration (10s) for cached dns data (JAMES-679)
This is also a workaround to avoid the OOM described in JAMES-592
We don't need this anymore because we removed every usage of InetAddress but 3rd party mailets could make use of InetAddress for their needs and we (the container) have to make sure the cache will expire (The preferred way is to use DNSServer services or dnsjava Lookup/Address objects)
Files Changed
MODIFY /james/server/trunk/phoenix-bin/bin/run.bat
MODIFY /james/server/trunk/phoenix-bin/bin/james-server.sh
MODIFY /james/server/trunk/phoenix-bin/bin/phoenix.sh

[ Permlink | « Hide ]
Stefano Bagnara added a comment - 09/Nov/06 07:35 PM
Applied to trunk (next-major)
Imo we should backport this to v2.3 and next-minor branches, too.

Stefano Bagnara made changes - 09/Nov/06 07:35 PM
Field Original Value New Value
Resolution Fixed [ 1 ]
Fix Version/s Trunk [ 12312135 ]
Fix Version/s Next Minor [ 12312136 ]
Fix Version/s 2.3.1-dev [ 12312150 ]
Status Open [ 1 ] Resolved [ 5 ]
[ Permlink | « Hide ]
Noel J. Bergman added a comment - 11/Nov/06 08:51 PM
Please change this from 10 to 0, as in:

  java.security.Security.setProperty("networkaddress.cache.ttl" , "0");

The change you made doesn't necessarily do what you think it does because the code in Sun's InetAddress.Cache implementation handles expiration only when the host name is queried or another entry is put (at which point it loops through the entire cache looking for expired entries). Otherwise, it just takes up space.

For our purposes, it would be better to use the InetAddressCachePolicy.NEVER special case.

Noel J. Bergman made changes - 11/Nov/06 08:51 PM
Resolution Fixed [ 1 ]
Status Resolved [ 5 ] Reopened [ 4 ]
[ Permlink | « Hide ]
Noel J. Bergman added a comment - 11/Nov/06 08:53 PM
I would agree with backporting

  java.security.Security.setProperty("networkaddress.cache.ttl" , "0");

to v2.3.x/minor-next. Any reference to "-Dsun.net.inetaddr.ttl=10" should be eliminated, however. That has already been deprecated by Sun and is non-standard.

[ Permlink | « Hide ]
Stefano Bagnara added a comment - 13/Nov/06 12:06 PM
Ok to change the 10 with 0.
About the setProperty: I think this property belong to the container, so I think we should better add it some phoenix class.
Anyone against this? I want to know before loosing my time searching for the right class ;-)
If someone is against, please tell where do you think this property belong.

Repository Revision Date User Message
ASF #502706 Fri Feb 02 19:57:28 UTC 2007 bago Revert r473041 because we voted for the Security.setProperty solution instead of the sun specific one (JAMES-679 / JAMES-592)
Files Changed
MODIFY /james/server/trunk/phoenix-bin/bin/run.bat
MODIFY /james/server/trunk/phoenix-bin/bin/james-server.sh
MODIFY /james/server/trunk/phoenix-bin/bin/phoenix.sh

Repository Revision Date User Message
ASF #502713 Fri Feb 02 20:04:26 UTC 2007 bago Applied a default 300seconds ttl to InetAddress positive cache (JAMES-679 / JAMES-592)
This can be tuned via the System property "networkaddress.cache.ttl". Setting it to 0 will disable caching at all. Setting it to -1 will avoid expiration.
Files Changed
MODIFY /james/server/trunk/phoenix-bin/conf/wrapper.conf
MODIFY /james/server/trunk/phoenix-bin/bin/run.bat
MODIFY /james/server/trunk/phoenix-bin/bin/phoenix-loader.jar
MODIFY /james/server/trunk/JAMES_PHOENIX.txt
MODIFY /james/server/trunk/phoenix-bin/bin/james-server.sh
MODIFY /james/server/trunk/phoenix-bin/bin/phoenix.sh

Stefano Bagnara made changes - 04/Feb/07 04:42 PM
Link This issue relates to JAMES-774 [ JAMES-774 ]
Repository Revision Date User Message
ASF #504070 Tue Feb 06 10:42:54 UTC 2007 bago Backport for positive dns resolution cache (r502713). Applied a default 300 seconds expiration. (JAMES-679 / JAMES-592)
Files Changed
MODIFY /james/server/branches/v2.3/phoenix-bin/bin/run.bat
MODIFY /james/server/branches/v2.3/phoenix-bin/conf/wrapper.conf
MODIFY /james/server/branches/v2.3/phoenix-bin/bin/phoenix.sh
MODIFY /james/server/branches/v2.3/JAMES_PHOENIX.txt
MODIFY /james/server/branches/v2.3/phoenix-bin/bin/phoenix-loader.jar

[ Permlink | « Hide ]
Stefano Bagnara added a comment - 06/Feb/07 10:58 AM
Reverted the sun specific change and applied the java standard solution (Security.setProperty)
---
Now james uses a default 300 seconds expiration for the positive dns results cache.
The expiration is tunable via system property -Dnetworkaddress.cache.ttl
Setting it to -1 will revert to the default "cache forever" JVM behaviour.
Setting it to 0 will remove caching at all.
Applied to trunk 4 days ago and backported to v2.3 (for 2.3.1) now.
---
Please note that the v2.3 branch dnsservice still uses InetAddress so this configuration is really important, while in following branches (derived from current trunk) we don't use InetAddress anymore and this is only a safety belt for Mailets we host. Most people is not aware of this never-expired cache in the JVM and we protect them from easy errors.

Stefano Bagnara made changes - 06/Feb/07 10:58 AM
Status Reopened [ 4 ] Resolved [ 5 ]
Fix Version/s Next Major [ 10427 ]
Fix Version/s 2.3.1-dev [ 12312150 ]
Resolution Fixed [ 1 ]
[ Permlink | « Hide ]
Danny Angus added a comment - 21/Nov/07 08:31 AM
Closing issue fixed in released version.

Danny Angus made changes - 21/Nov/07 08:31 AM
Status Resolved [ 5 ] Closed [ 6 ]

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators