Hello! I think we should still keep setting linger if SSL is enabled, and not expect user to enable it (or face consequences).
If SSL only works with TLSv1.3 and no linger, we should make TLSv1.3 a default. If JVM does not support it, user will have to reconfigure explicitly. Regards, -- Ilya Kasnacheev пт, 30 окт. 2020 г. в 14:05, Steshin Vladimir <vlads...@gmail.com>: > * > > Hi, Igniters. > > We’ve found that enabled by default socket linger causes unexpected > delay in detection of node failure. > > > Moreover, long closing of socket works as Thread.sleep() within > algorithms of failure detection and connection recovery in TCP > discovery. These time gaps lead to hardly predictable behavior of the > discovery. When the socket linger is enabled, it’s hard or even > impossible to figure out what time is taken to detect node failure and > restore connections with the provided settings. > > Socket linger was enabled only as a workaround for SSL bugs (i.e. [2], > [3]). It was enabled without including in failure processing routines in > TCP discovery SPI as described above. SSL bugs, mentioned above, were > fixed and backported to various JDK, supporting TLS 1.3 ([4] and [5]). > > > I’d suggest to disable socket linger by default, because enabled socket > linger prolongs detection of node failure. The ticket is [1]. In case of > SSL issues the linger could be enabled. Or one may just update JDK. > We'll provide the documentation. > > WDYT? > > > [1] https://issues.apache.org/jira/browse/IGNITE-13643 > > [2] https://bugs.openjdk.java.net/browse/JDK-8219658 > > [3]https://issues.apache.org/jira/browse/IGNITE-12818 > > [4]https://bugs.openjdk.java.net/browse/JDK-8245468 > > [5] https://www.oracle.com/java/technologies/javase/8u261-relnotes.html > > * >
