Thanks SImone for the analysis, >Good solution, just remember to protect that local Servlet (only you should be able to call it).
Yes the servlet will only be accessible by us. > the client connects to ports 8080 (typically used for clear-text communication), while the diagram hints there is SSL offload at the external server. We have dedicated haproxy before each external servers which runs in 8080 and work as a SSL offloader and pass it to backend server which is a clear-text. >Can you enable DEBUG logs then send the *first* request? There must be something really weird that happens and we don't cope well with it. Enabling Debug logs in production servers are real headache, anyhow I ll try to get the logs somehow. My doubt is *first* request you mean whether its a very first request fired by the client or the first request which hangs? On Fri, Sep 20, 2019 at 3:54 PM Simone Bordet <[email protected]> wrote: > Santhosh, > > sorry for the late reply. > > On Mon, Aug 26, 2019 at 3:26 PM Santhosh Kumar <[email protected]> > wrote: > > I cannot use JMX in live production servers, so I just called > httpclient.dump() while it was hanging using a local servlet call, FYKI we > instantiate a static httpclient and it will be used to establish > connection with many remote servers in a multithreaded environment. PFA > links below for client dumps > > > > https://pastebin.com/N017wph4 > > > > https://pastebin.com/k21hzLwL > > Good solution, just remember to protect that local Servlet (only you > should be able to call it). > > What I see from the dumps are 2 things. > * the client connects to ports 8080 (typically used for clear-text > communication), while the diagram hints there is SSL offload at the > external server. > * the client has a lot of exchanges queued, and the connection pool is > empty of established connections, although 1 was attempted. > > This is one client dump that seems to be manufactured as I looked at > it and thought "impossible". > > This strikes to me as the client trying to connect to the external > server, but does not receive a TCP reply (or we handle it wrongly). > The client-side connect timeout should fire and fail all the > exchanges, but apparently it does not. > > Can you enable DEBUG logs then send the *first* request? > There must be something really weird that happens and we don't cope > well with it. > > Thanks for your patience. > > -- > Simone Bordet > ---- > http://cometd.org > http://webtide.com > Developer advice, training, services and support > from the Jetty & CometD experts. > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > -- *With Regards,* *Santhosh Kumar J*
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
