PQ60991: FIREWALL BETWEEN THE WEB SERVER AND THE APP SERVER ACCEPTING PLUGIN CONNECTIONS WHEN APP SERVER WAS DOWN.

Fixes are available
PQ71589: Incorrect response code is logged in IIS access log
PQ67072; 3.5.4: Invalid error number reported in plug-in traces
PQ67072; 3.5.4: Invalid error number reported in plug-in traces
PQ61926, 3.5.x: Connect timeout enablement for OSE remote
WebSphere Application Server Version 3.5 Fix Pack 7 (3.5.7)
PQ60991, 3.5.4, 3.5.6: Connection handshake enablement for OSE remote
PQ57425: Timeout enablement on the Apache/IHS webserver with plug-ins.
PQ76785: Cumulative plug-in fix for WebSphere Application Server V 3.5.4-3.5.7

APAR

APAR status
Closed as program error.

Error description
Thru investigation it was found that the firewall
between the webserver and appserver was accepting plugin
connections and therefore the plugin was not failing over once
the connection was closed when the appserver was in fact down.
Local fix
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users           *
*                 running with multiple clones with            *
*                 a proxy firewall.                            *
****************************************************************
* PROBLEM DESCRIPTION: Failover loses requests on multiple     *
*                      clone appserver with proxy firewall     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The proxy firewall being used would accept connections
for the application server even if the application server
was down.  This extended the point at which the appserver
problem was detected to the point the first read was done
on the bogus connection, which was well past the point that
the failover mechanism could intervene.
Problem conclusion
The failover and the OSE connection handshaking was modified
so the appserver problems are detected early enough to allow
the failover to kick in, even in the face of these proxy
firewalls that accept connections for dead appservers.
Temporary fix
Comments
APAR information
APAR numberPQ60991
Reported component nameWAS ADVANCED SU
Reported component ID5648C8402
Reported release350
StatusCLOSED PER
PENoPE
HIPERNoHIPER
Submitted date2002-05-09
Closed date2002-05-31
Last modified date2002-05-31

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:


Modules/Macros
PLUGIN
APAR is sysrouted TO one or more of the following:Modules/Macros

Fix information
Fixed component nameWAS ADVANCED SU
Fixed component ID5648C8402

Applicable component levels
R350 PSYUP











Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, General
Software version: 350
Reference #: PQ60991
IBM Group: Software Group
Modified date: 2002-05-31