Skip to content

/ jolokia

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Requests take too long due to reverse DNS #234

Closed
tomasol opened this issue Dec 15, 2015 · 3 comments
Closed

Requests take too long due to reverse DNS #234

tomasol opened this issue Dec 15, 2015 · 3 comments
Labels
Agent Feature
Milestone
1.3.4

Comments

@tomasol
Copy link

@tomasol tomasol commented Dec 15, 2015

Hi. I am using jolokia 1.1.2 but I think this applies to latest HEAD as well:
When I issue curl requests from localhost, everything works fine.
When I connect from remote machine, each response has a noticable delay of ~5 seconds. I made a thread dump and it looks like address.getHostName() in JolokiaHttpHandler is taking most of that time - seems like a request for reverse DNS is made there. Is there a way to avoid this?

  java.lang.Thread.State: RUNNABLE 
at java.net.Inet6AddressImpl.getHostByAddr(Native Method) 
at java.net.InetAddress$1.getHostByAddr(InetAddress.java:898) 
at java.net.InetAddress.getHostFromNameService(InetAddress.java:583) 
at java.net.InetAddress.getHostName(InetAddress.java:525) 
at java.net.InetAddress.getHostName(InetAddress.java:497) 
at java.net.InetSocketAddress$InetSocketAddressHolder.getHostName(InetSocketAddress.java:82) 
at java.net.InetSocketAddress$InetSocketAddressHolder.access$600(InetSocketAddress.java:56) 
at java.net.InetSocketAddress.getHostName(InetSocketAddress.java:345) 
at org.jolokia.jvmagent.JolokiaHttpHandler.handle(JolokiaHttpHandler.java:119) 
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:77) 
at sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:83) 
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:80) 
at sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:668) 
at com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:77) 
at sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:640) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
at java.lang.Thread.run(Thread.java:722)
@rhuss
Copy link
Owner

@rhuss rhuss commented Dec 15, 2015

I see you point but this is currently not possible.

The reason why a reverse DNS lookup happens is that the hostname can be configured in a policy file to restrict the access only from certain hosts. In the policy file you can set either the IP or the hostname.

In order to keep backwards compatibility the check against the hostname can not be removed by default but I could imagine to introduce a property noDnsReverseLookup to switch off this particular check (and anything which would do a reverse lookup, too.
@rhuss rhuss added this to the 1.3.3 milestone Dec 15, 2015
@tomasol
Copy link
Author

@tomasol tomasol commented Dec 15, 2015

I agree with your proposal, thanks
rhuss added a commit that referenced this issue Jan 23, 2016
@rhuss
#234 : Add new option 'allowDnsReverseLookup'
Loading status checks…
06f2e83 
During a restrictor check by default the hostname is determined which might cause a reverse DNS lookup. In order to avoid this (e.g. because there is nor restriction on the hostname), this configuration property can be set to `false`.
For backwards compatibility it is set to `true` but will change to `false` in Jolokia 2.0
@rhuss
Copy link
Owner

@rhuss rhuss commented Apr 13, 2016

Fixed in 1.3.3
@rhuss rhuss closed this Apr 13, 2016
@rhuss rhuss modified the milestones: 1.3.3, 1.3.4 Apr 13, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Agent Feature
Projects
None yet
Milestone
1.3.4
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants
@rhuss @tomasol