From nobody Mon Dec 04 14:18:40 2023 X-Original-To: java@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SkQkm3xJmz53Q5C for ; Mon, 4 Dec 2023 14:18:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SkQkm2RNwz4lpN for ; Mon, 4 Dec 2023 14:18:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1701699520; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3ehi7ngGGHRQNLd7NQc3PQE1kx00Tva8wPbJFPgfdxs=; b=J+ThS95Bvp1NFVFoKlS9fGBNEXndKc/3ux3AZyJE4wpvODqH4//4axcX6aYA4G9bNp0jDy EWl3apjZPEptD8V1D8NVcki5ijJZn9f5hqQm+c2nSsz9oK/+G52/A3wzhYIFbANtxAJQTh Mvetuba1am1knEdErdE4UKa/tQNFdINg+8eR3o6b2wwYlH2akSpIXaMjq7FKXF52Z92PH2 abNjQaJf2QiAcN7JlHiysbylMF+EpdVw53o68i3MqCUFI64XKep1P/eMOK+B6WmHUYC4Zm 9KZVaHY/rh2gOdpc8EiTFnFjnBn3EwC0e9L69evMF/i41zOGSV+JJHYAhCIU6w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1701699520; a=rsa-sha256; cv=none; b=Fl/J6Hre+OIqapv07FI2/sESZhn4b1z5T9Dl6cZVtyxXoI1FbWOKmKyu0hhiu3A9GHnpWL MC8tdoOA4nz3MGOVkqW8w+a2oqmQ98rlUNCnRKAOq+Ergt50XzIspHagSW3H7tPd9Eh0VC fB04QQOAocAWpiQz+R6S6tHW78jkE7QnEntBlAJRH9DmUFpAxNfogHXsfSVD++M7ZT3vio tovSOLZic3Wdo52KH3n5J9w2rxVCcVlnH+Iyxr39BL75NZOaXlekJ0QI9YhQ5kispxvqKP CtUYSDHvdpJAC5ytLYCNCxUDakOK2NrUTRZkh0P1haOgNQiZTkis1ezqRJoxWw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SkQkm1NYVzVNB for ; Mon, 4 Dec 2023 14:18:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 3B4EIeA1000751 for ; Mon, 4 Dec 2023 14:18:40 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 3B4EIe0x000750 for java@FreeBSD.org; Mon, 4 Dec 2023 14:18:40 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: java@FreeBSD.org Subject: [Bug 274964] java/openjdk21 Dual-stack IPv4/IPv6 applications no longer work with sysctl net.inet6.ip6.v6only=1 Date: Mon, 04 Dec 2023 14:18:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: djn@araxis.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: java@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Porting Java to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-java List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-java@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274964 --- Comment #4 from Daniel Neades --- Hello Michael, thank you for your interest in this issue. I hope the follow= ing information will prove helpful. I initially reported the problem with our host running FreeBSD 13.2-RELEASE= -p3. I have just upgraded to FreeBSD 13.2-RELEASE-p6 (though the kernel is showi= ng p4) and can confirm that the problem still exists. Our host has a number of jails. Jail id 3 contains the Tomcat application; = jail id 11 contains the Scala application. The following commands were run direc= tly on the host (i.e. not inside a jail): ``` # uname -a FreeBSD 13.2-RELEASE-p4 FreeBSD 13.2-RELEASE-p4 GENERIC amd64 # freebsd-version -kru -j 3 -j 11 13.2-RELEASE-p4 13.2-RELEASE-p4 13.2-RELEASE-p6 13.2-RELEASE-p6 13.2-RELEASE-p6 # sysctl net.inet6.ip6.v6only net.inet6.ip6.v6only: 1 ``` With OpenJDK 17, the Scala application listens on a dual-stack socket. The following commands were run within jail id 11 with the Scala application running on OpenJDK 17: ``` # pkg version -v | grep jdk openjdk17-17.0.9+9.1 =3D up-to-date with index # service portal restart && sleep 5 && sockstat -l -6 -4 -p 8443 Stopping portal. Waiting for PIDS: 43983. Starting portal. USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS portal java 44346 10 tcp46 *:8443 *:* # ps -axww | grep openjdk | head -n 1 # show command used to run application 53030 - IJ 0:05.07 /usr/local/openjdk17/bin/java -Djava.net.preferIPv4Stack=3Dfalse -Xms32m -Xmx64m -Djdk.tls.ephemeralDHKeySize=3D2048 -Djdk.tls.server.enableStatusRequestExtension=3Dtrue -Dlogback.configurationFile=3D/usr/local/portal/etc/logback.xml -jar /usr/local/portal/lib/Portal2023.0.34.jar --dbHost=3D10.12.12.11 --dbPort= =3D6432 ``` With OpenJDK 21, the Scala application listens only on an IPv6 socket. The following commands were run within the jail id 11, this time running the Sc= ala application on OpenJDK 21: ``` # pkg version -v | grep jdk openjdk21-21.0.1+12.1 =3D up-to-date with index # service portal restart && sleep 5 && sockstat -l -6 -4 -p 8443 Stopping portal. Waiting for PIDS: 48749. Starting portal. USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS portal java 49590 10 tcp6 ::7546:0:c:8443 *:* # ps -axww | grep openjdk | head -n 1 # show command used to run application 49590 - IJ 0:06.86 /usr/local/openjdk21/bin/java -Djava.net.preferIPv4Stack=3Dfalse -Xms32m -Xmx64m -Djdk.tls.ephemeralDHKeySize=3D2048 -Djdk.tls.server.enableStatusRequestExtension=3Dtrue -Dlogback.configurationFile=3D/usr/local/portal/etc/logback.xml -jar /usr/local/portal/lib/Portal2023.0.34.jar --dbHost=3D10.12.12.11 --dbPort= =3D6432 ``` Now, to repeat the same exercise but using the Tomcat application running in jail 3 =E2=80=A6 With OpenJDK 17, Tomcat listens on a dual-stack socket. The following comma= nds were run within jail id 3 with Tomcat running on OpenJDK 17 (OpenJDK 11 and= 8 are installed as Tomcat/APR dependencies): ``` # pkg version -v | grep -E '(openjdk|tomcat)'=20 openjdk11-11.0.21+9.1 =3D up-to-date with index openjdk17-17.0.9+9.1 =3D up-to-date with index openjdk8-8.392.08.1 =3D up-to-date with index tomcat-native-1.2.38 =3D up-to-date with index tomcat101-10.1.16 =3D up-to-date with index # service tomcat101 restart && sleep 5 && sockstat -l -6 -4 -p 8443,8180 Stopping tomcat101. Waiting for PIDS: 58204. Starting tomcat101. USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS www jsvc 59982 44 tcp46 *:8180 *:* www jsvc 59982 48 tcp46 *:8443 *:* # ps -axww | grep jsvc | head -n1 # show command used to run application 59981 - IsJ 0:00.00 /usr/local/bin/jsvc -java-home /usr/local/openjdk17 -server -user www -umask 0077 -pidfile /var/run/tomcat101.pid -wait 30 -out= file /usr/local/apache-tomcat-10.1/logs/catalina.out -errfile &1 -classpath /usr/local/apache-tomcat-10.1/bin/bootstrap.jar:/usr/local/share/java/class= es/commons-daemon.jar:/usr/local/apache-tomcat-10.1/bin/tomcat-juli.jar -Djava.util.logging.manager=3Dorg.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=3D/usr/local/apache-tomcat-10.1/conf/loggin= g.properties -Xms128m -Xmx256m -Djava.net.preferIPv4Stack=3Dfalse -Dcatalina.home=3D/usr/local/apache-tomcat-10.1 -Dcatalina.base=3D/usr/local/apache-tomcat-10.1 -Djava.io.tmpdir=3D/usr/local/apache-tomcat-10.1/temp org.apache.catalina.startup.Bootstrap ``` With OpenJDK 21, Tomcat listens only an IPv6 socket. The following commands were run within jail id 3 with Tomcat running on OpenJDK 21: ``` # pkg version -v | grep -E '(openjdk|tomcat)' openjdk11-11.0.21+9.1 =3D up-to-date with index openjdk21-21.0.1+12.1 =3D up-to-date with index openjdk8-8.392.08.1 =3D up-to-date with index tomcat-native-1.2.38 =3D up-to-date with index tomcat101-10.1.16 =3D up-to-date with index # service tomcat101 restart && sleep 5 && sockstat -l -6 -4 -p 8443,8180 Stopping tomcat101. Waiting for PIDS: 62706. Starting tomcat101. USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS www jsvc 63327 45 tcp6 ::7546:0:3:8180 *:* www jsvc 63327 49 tcp6 ::7546:0:3:8443 *:* # ps -axww | grep jsvc | head -n1 # show command used to run application 63326 - IsJ 0:00.00 /usr/local/bin/jsvc -java-home /usr/local/openjdk21 -server -user www -umask 0077 -pidfile /var/run/tomcat101.pid -wait 30 -out= file /usr/local/apache-tomcat-10.1/logs/catalina.out -errfile &1 -classpath /usr/local/apache-tomcat-10.1/bin/bootstrap.jar:/usr/local/share/java/class= es/commons-daemon.jar:/usr/local/apache-tomcat-10.1/bin/tomcat-juli.jar -Djava.util.logging.manager=3Dorg.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=3D/usr/local/apache-tomcat-10.1/conf/loggin= g.properties -Xms128m -Xmx256m -Djava.net.preferIPv4Stack=3Dfalse -Dcatalina.home=3D/usr/local/apache-tomcat-10.1 -Dcatalina.base=3D/usr/local/apache-tomcat-10.1 -Djava.io.tmpdir=3D/usr/local/apache-tomcat-10.1/temp org.apache.catalina.startup.Bootstrap ``` Here is the connector for the 8443 HTTPS socket from the Tomcat `server.xml` file showing the use of the APR-provided OpenSSL implementation: ``` ``` --=20 You are receiving this mail because: You are the assignee for the bug.=