-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 André,
On 11/11/13, 5:41 AM, André Warnier wrote: > Howard W. Smith, Jr. wrote: >> On Sun, Nov 10, 2013 at 9:14 AM, Howard W. Smith, Jr. < >> smithh032...@gmail.com> wrote: >> >>> Caused by: java.net.SocketTimeoutException at >>> org.apache.tomcat.util.net.NioBlockingSelector.write(NioBlockingSelector.java:127) >>> >>> >>> at >>> org.apache.tomcat.util.net.NioSelectorPool.write(NioSelectorPool.java:174) >>> >>> >>> at >>> org.apache.coyote.http11.InternalNioOutputBuffer.writeToSocket(InternalNioOutputBuffer.java:163) >>> >>> >> >> >>> my apologies, based on this exception (above), I decided to provide you >> with the following from my tomee/conf/server.xml: >> >> >> <Connector port="8080" >> protocol="org.apache.coyote.http11.Http11NioProtocol" >> maxThreads="150" connectionTimeout="20000" >> acceptorThreadCount="2" redirectPort="8443" >> socket.directBuffer="false"/> >> >> >> I guess the answer may be the connectionTimeout="..." (above), >> but still would like to know recommendations of others based on >> experience with web application serving mobile clients. thanks. >> > > AFAIK, the "connectionTimeout" above applies specifically to this > : - the client opens a TCP connection to the server - but then the > client does not send any request over that connection (so the > server waits and waits, until that timeout strikes). More specifically, it's the timeout within which the client must send the *request line* of the request. The whole request can take 10 minutes (e.g. huge streaming upload) for all Tomcat cares, as long as the initial request line arrives within that 20 seconds. > This is a classic way of doing a DoS attack : many clients connect > and don't send a request (or do it very slowly), tying up server > resources until the server is overwhelmed. In some Connector > configurations, this does not necessarily tie up a Thread (only a > TCP socket), but it does have the potential to tie up limited > resources. The value of 20000 above is in milliseconds, so after a > connection is established, the server will wait up to 20 seconds > for a request to be received. I would not expect nowadays that any > client, on any type of connection, would take that long to send a > request on an established connection. So I would certainly not > make it larger, and you can probably reduce it significantly, and > save resources. +1 If a client doesn't send the request within about 5 seconds, I don't think it's going to send it at all. (Probably less than 5 seconds, honestly, but I've never bothered to collect the data on my servers to substantiate that assertion). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSgPe8AAoJEBzwKT+lPKRYDH0QAMnXTmInl/aRqYQY8nONf16K 2Scj1Jk4r2X9fjRaGXnO9p5A3vmnrTnUEruaKBl1Jym8Y0nMFbPtSBsxXaKTfRBH uvIZAj0jyKkuS7oaXBGAjCkRP8ZGNWyHgjB/e+EBWg7dinAl3zfe6Ims4EBIUxc5 GL3fdbyX6uMhV7snMilYXT3OJcp8vPXDGTG6apOLoepfbMxCiBdYpV0MEKO6FEu1 v5lSoN5Clk3g1d9i7utxrfV/cegsABxRDxNpo56SrjdajVkfrOOzr9Wf1Qqy+bIe nxMcK+AT/V/SNxpHjQ07grK5lBMjqd/vA4AgKDCQGX+qgfoF+6q7lA6YAk6wP7M9 QrBEe9Vj7Q9TLNE+DhClh/BZV5WYcXjUq6q4PI+G0XJYxwYHNcEGEj/ror5+Rqdg af7iru3koQUFXqIHCblvjESmDsxLTmuI+Bh3NEZrm/VLdM2BiLAnnJQeILIhy2Ez YZPq1LlbQojYBGITgii72wD9eS1TR309quFT5YQXd1GsTbCUU2Z/uOxPAJ9BZDJF 6nZZLvdRh0sBptqtomzgaYMcSrVBbBanoRwWxE2Gwo2iKHkpnhkWlG1mdyLEjeNk Rq2+HzdEOHNPLXB9i528huvQKPP1BTPlUtuWd5d3aAVIb9yHoG5oesTsidPsXoLY scuBEQREmP7qMtaOSGq5 =tEDl -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
