> hey folk, > this may be a bit off topic, so i'll apologize up front if so. we have an > application that uses a combination of browser and swing based code to > access our ejb application. we have the ejb server (jboss) setting in a > dmz. the dmz is a straight forward deployment (cisco switch setting > behind a router, feeding three firewalls that are load balanced, these > feed another load balancer that distributes the load over 4 jboss linux > boxes. oh yeah, there are some hardware ssl accelerators hanging off the > inner most load balancer for both the browser and client app traffic.) > anyways, what we've had to do is crank the firewall session way up to 24 > hours, (nokia recommends 30 seconds), but that was the only way to make I > knew of (that made sense) to keep from having to periodically re-establish > the db connection pools into our database. we still have to make sure we > push a 'ping' from the connection pool down to the db itself. the problem > we are seeing is that the db connections are showing as being closed from > the db's view, but the firewall logs don't show any drops or losses. the > question boils down to this, is there something missing in the way this is > configured? we need both browser and client app access into the ejb > server, so we need the server in the dmz (otherwise we hit the rmi behind > a nat issue). but the firewalls and load balancers all seem to prefer > stateless connectivity flowing through them. has anyone gotten reliable > results, and if so, can y'all point me to appropriate sources, to get this > to be more reliable? thanks, I realize there are a hundred additional > details that can be delved into, i'm just trying to determine where to go > next in the system architecture. > > tom jansto > [EMAIL PROTECTED] > > >
=========================================================================== To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff EJB-INTEREST". For general help, send email to [EMAIL PROTECTED] and include in the body of the message "help".
