GemFire: Firewall or similar network devices closes idle connections to GemFire
Article ID: 401102
Updated On:
Products
Issue/Introduction
Firewall or similar network devices closes idle connections to GemFire, depending on the configuration of the network devices.
Environment
Clients connects GemFire runs on Linux OS through a network device such firewall.
Cause
It is due to the network device such as firewall usually handle and terminates the idle connections that go through it depending on the configurations of the network devices.
Resolution
Using KeepAlive in GemFire environment will fix this issue.
TCP KeepAlive is a mechanism that helps prevent idle TCP connections from being prematurely closed by network devices such as firewalls. In VMware Tanzu GemFire, enabling TCP KeepAlive ensures that long-lived, idle connections remain active, which is crucial for stable cluster and client/server communications. GemFire uses the `gemfire.setTcpKeepAlive` system property to control TCP KeepAlive behavior.
gemfire.setTcpKeepAlive` is set to `true`, GemFire enables the `SO_KEEPALIVE` socket option for its connections. This causes the operating system to periodically send keepalive probes on idle connections.net.ipv4.tcp_keepalive_time = 600 # Seconds before sending first keepalive probe (default: 7200)net.ipv4.tcp_keepalive_intvl = 60 # Interval between probes (default: 75)net.ipv4.tcp_keepalive_probes = 5 # Number of failed probes before closing (default: 9)Additional Information
Feedback
