Just noticed what I was missing about connectionTimeout - it's the default for keepAliveTimeout. So, that clears that up.
Still don't think it's a "huge negative performance impact!" to disable connection reuse. ----- Original Message ----- From: "Luke Meyer" <lme...@vmware.com> To: users@tomcat.apache.org Sent: Tuesday, April 10, 2012 5:09:17 PM Subject: mod_jk - Firewall connection dropping I have some questions about the documentation at http://tomcat.apache.org/connectors-doc/generic_howto/timeouts.html regarding the Firewall Connection Dropping section. I don't think it's quite right, but maybe I misunderstand. To quote the sections in question: " Many firewalls will allow connection closing, even if they dropped the connection for normal traffic. Therefore you should always use connection_pool_timeout and connection_pool_minsize on the JK side and connectionTimeout on the Tomcat side. [...] In case none of our recommendations help and you are definitively having problems with idle connection drops, you can disable the use of persistent connections when using JK together with Apache httpd. For this you set "JkOptions +DisableReuse" in your Apache httpd configuration. This will have a huge negative performance impact! " The recommendation to use connection_pool_timeout seems good - close connections that have been idle so the firewall doesn't drop them. But I don't see what connectionTimeout on the AJP connector has to do with keepalive timeouts - it seems to be for initial connections only. I would think keepAliveTimeout is the way to get rid of connections that the firewall has dropped - yes? I also don't understand why disabling reuse entirely is said to have a "huge negative performance impact!" The only impact I can see is that you have to reopen a connection for each request. If your servers are right next to each other on the network, or even on the same box, as is typical in most AJP setups, then connection time is negligible. In my tests (on the same box) the whole handshake took .1 millisecond - obviously, if there's some latency, that may be a few milliseconds, but in the scenario where a firewall is dropping inactive connections, I hardly think there would be so much throughput that this would matter. Certainly it's not going to matter compared to the risk of threads being tied up on dead connections. And if your network isn't perfect, but the latency is negligible, why not just disable reuse so you never have to take that risk? And the biggest question... why does the default configuration assume that connections will always either stay open forever or be properly closed? By default, if connections are dropped, Tomcat eventually becomes unresponsive because the connector thread pool is exhausted, and you must restart. This looks really bad. Why not have a default keepAliveTimeout value that acknowledges the real world isn't perfect and frees threads from dead connections? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org