James Server
  1. James Server
  2. JAMES-774

Add documentation for the dns ttl issue

    Details

    • Type: Task Task
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.3.1, 3.0.0
    • Fix Version/s: 3.0-M1
    • Component/s: None
    • Labels:
      None

      Description

      Add documentation to the site and/or to the config.xml about the unbounded cache issue in the JVM and how we introduced a system property networkaddress.cache.ttl that is read by phoenix at startup and used to override the java 1.4 Security.setProperty("networkaddress.cache.ttl" value.
      By default in run.bat, phoenix.sh and james-server.sh (this one only in trunk) and wrapper.conf we added 300 seconds (-Dnetworkaddress.cache.ttl=300).

      The cache is about positive results from dns lookups.
      -1 means that the cache is never expired
      0 means no cache
      x>0 mean the number of seconds before expiration.

      Please not that james trunk should not be affected by this cache because every usage of the InetAddress lookups have been removed by core code, but third party mailets could be afftected anyway, and this is why we added the property. James 2.3 instead still uses some InetAddress lookup and this property will save from OOM due to the unbounded cache.

        Issue Links

          Activity

          Hide
          Stefano Bagnara added a comment -

          Updated fix version to make sure we remeber this in the 2.3.1 roadmap.

          Show
          Stefano Bagnara added a comment - Updated fix version to make sure we remeber this in the 2.3.1 roadmap.
          Hide
          Norman Maurer added a comment -

          Danny, any timeframe on this ?

          Show
          Norman Maurer added a comment - Danny, any timeframe on this ?
          Hide
          Danny Angus added a comment -

          Added docs to trunk & 2.3 branch dns_configuration xdoc and to project FAQ xdoc. as below

          Sun JVM DNS Lookup Configuration.
          <p>Sun's JVM Internet address lookup uses a cache which is unbounded and doesn't time out.<br/>
          This is obviously not great for a long running process like a mail server so we have introduced a system property <strong>networkaddress.cache.ttl<strong> that is used by the distributed phoenix start-up scripts, at startup, to override the java 1.4 <strong>Security.setProperty("networkaddress.cache.ttl")</strong>.<br/> By default this is set to <strong>300</strong> seconds.</p>
          <p>This workaround will only be present if you use James as distributed. If you use James in any other container, including different versions of Phoenix, you will need to ensure that you make a similar configuration change to allow the internet address cache to perform acceptably.</p>
          <p>James 2.3 has this workaround and it requires it to operate acceptably. Future versions of James will continue to have the workaround in place but will not require it. This will provide continued support for any mailets which you may deploy from other sources which might continue to use Sun's InetAddress class for DNS resolution.</p>
          <p>We are not currently aware of the behaviour of this cache in other JVM implementations, nor of the effect, if any, which this change might have on them</p>
          <p>For more on this read defect report <a href="http://issues.apache.org/jira/browse/JAMES-592">JAMES-592</a> and related defects.</p>

          Show
          Danny Angus added a comment - Added docs to trunk & 2.3 branch dns_configuration xdoc and to project FAQ xdoc. as below Sun JVM DNS Lookup Configuration. <p>Sun's JVM Internet address lookup uses a cache which is unbounded and doesn't time out.<br/> This is obviously not great for a long running process like a mail server so we have introduced a system property <strong>networkaddress.cache.ttl<strong> that is used by the distributed phoenix start-up scripts, at startup, to override the java 1.4 <strong>Security.setProperty("networkaddress.cache.ttl")</strong>.<br/> By default this is set to <strong>300</strong> seconds.</p> <p>This workaround will only be present if you use James as distributed. If you use James in any other container, including different versions of Phoenix, you will need to ensure that you make a similar configuration change to allow the internet address cache to perform acceptably.</p> <p>James 2.3 has this workaround and it requires it to operate acceptably. Future versions of James will continue to have the workaround in place but will not require it. This will provide continued support for any mailets which you may deploy from other sources which might continue to use Sun's InetAddress class for DNS resolution.</p> <p>We are not currently aware of the behaviour of this cache in other JVM implementations, nor of the effect, if any, which this change might have on them</p> <p>For more on this read defect report <a href="http://issues.apache.org/jira/browse/JAMES-592"> JAMES-592 </a> and related defects.</p>
          Hide
          Danny Angus added a comment -

          Closing issue fixed in released version.

          Show
          Danny Angus added a comment - Closing issue fixed in released version.

            People

            • Assignee:
              Danny Angus
              Reporter:
              Stefano Bagnara
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development