[
https://issues.apache.org/jira/browse/KAFKA-13418?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17514365#comment-17514365
]
Ismael Juma commented on KAFKA-13418:
-------------------------------------
Thanks for your contribution [~skokoori] ! Tricky bug this one. :)
> Brokers disconnect intermittently with TLS1.3
> ---------------------------------------------
>
> Key: KAFKA-13418
> URL: https://issues.apache.org/jira/browse/KAFKA-13418
> Project: Kafka
> Issue Type: Bug
> Components: clients
> Affects Versions: 2.8.0
> Reporter: shylaja kokoori
> Assignee: shylaja kokoori
> Priority: Minor
> Fix For: 3.2.0, 3.1.1, 3.0.2
>
> Attachments: tls1_3.patch
>
>
> Using TLS1.3 (with JDK11) is causing a regression and an increase in
> inter-broker p99 latency, as mentioned by Yiming in
> [Kafka-9320|https://issues.apache.org/jira/browse/KAFKA-9320?focusedCommentId=17401818&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17401818].
> We tested this with Kafka 2.8.
> The issue seems to be because of a renegotiation exception being thrown by
> {code:java}
> read(ByteBuffer dst)
> {code}
> &
> {code:java}
> write(ByteBuffer src)
> {code}
> in
> _clients/src/main/java/org/apache/kafka/common/network/SslTransportLayer.java_
> This exception is causing the connection to close between the brokers before
> read/write is completed. In our internal experiments we have seen the p99
> latency stabilize when we remove this exception.
> Given that TLS1.3 does not support renegotiation, I would like to make it
> applicable just for TLS1.2.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
