TCP With Firewall

Understand how firewalls affect persistent TCP connections in distributed systems. Explore the reasons behind connection drops despite TCP allowing long-lived sockets. Learn how firewalls use access control lists to manage connections and why they terminate idle connections, causing application stability challenges. Gain insights into diagnosing and mitigating firewall-related stability antipatterns.

We'll cover the following...

What happened the next day

Absence of traffic
Decomposition of the server
How long can a connection persist?
Need for firewall
Firewall implementation
Finite number of established connections

What happened the next day

Sure enough, the pattern repeated itself the next morning. Application servers locked up tight as a drum, with the threads inside the JDBC driver.

Absence of traffic

This time, we were able to look at traffic on the databases’ network, but found nothing at all. The utter absence of traffic on that side of the firewall was like Sherlock Holmes’ dog that didn’t bark in the night—the absence of activity was the biggest clue.

Decomposition of the server

We had a hypothesis. Quick decompilation of the application server’s resource pool class confirmed that our hypothesis was plausible.

How long can a connection persist?

We said before that socket connections are an abstraction; they ...

1.Living in Production

2.The Exception That Grounded an Airline

3.Stabilize Your System

4.Stability Antipatterns

5.Failures And Blockages

6.Force Multiplier

7.Stability Patterns

8.Launching An Online Store

9.Foundations

10.Processes on Machines

11.Interconnect

12.Control Plane

13.Security

14.Design for Deployment

15.Handling Versions

16.Case Study: Trampled by Your Own Customers

17.Adaptation

18.System Architecture

19.Information Architecture

20.Chaos Engineering

21.Bibliography

TCP With Firewall

What happened the next day

Absence of traffic

Decomposition of the server

How long can a connection persist?