Any word on this? Safe to assume it did not occur prior to 2.4.10? Do you just have setoutputfilter DEFLATE or something else? On Sun, Jul 27, 2014 at 8:23 AM, Jeff Trawick <trawick@xxxxxxxxx> wrote: > On Sat, Jul 26, 2014 at 10:58 AM, <Ulrich.Herbst@xxxxxxxxxxxxx> wrote: >> >> Hi, >> >> >> >> Is it possible that mod_deflate is configured, perhaps unexpectedly, to >> decompress the response from the backend via an input filter? >> >> >> >> >> >> ð Yes, for sure. mod_deflate is enabled and we compress the >> (uncompressed) response from the backend before sending to the clients. >> >> >> >> See >> http://httpd.apache.org/docs/current/mod/mod_deflate.html#deflateinflatelimitrequestbody >> (new with 2.4.10) >> >> >> >> ð So, you think, that our compressed body is too large sometimes, and we >> got “no space” because of this ? > > > I think it is possible to get that error with proxy when a compressed > response from a backend server is relatively large. > > Are you seeing any warning messages in the log from mod_deflate? What is > the log level that applies to mod_deflate? (Or, what is your LogLevel > directive if that doesn't make sense to you ;) ) You'd need to see log > level warn to check this theory on mod_deflate. > > Another case is with the http layer returning ENOSPC when exceeding a > similar limit when the body is not compressed. The log level for http must > log info messages. > > If your log level is higher than info (e.g., error), try something like > > LogLevel error http:info deflate:warn > > to see log messages that could pinpoint exactly where the error comes from. >> >> >> >> Uli >> >> >> >> >> >> Von: Jeff Trawick [mailto:trawick@xxxxxxxxx] >> Gesendet: Freitag, 25. Juli 2014 17:10 >> An: users@xxxxxxxxxxxxxxxx >> Betreff: Re: [proxy_http:error] [pid 13256:tid >> 47013272524544] (11)Resource temporarily unavailable: [client >> 172.31.0.142:21815] AH01110: error reading response >> >> >> >> On Fri, Jul 25, 2014 at 10:49 AM, Tom Evans <tevans.uk@xxxxxxxxxxxxxx> >> wrote: >> >> On Fri, Jul 25, 2014 at 11:37 AM, <Ulrich.Herbst@xxxxxxxxxxxxx> wrote: >> > Hi, >> > >> > we have apaches as reverse proxies for some tomcat and wso2-application >> > servers. >> > >> > We get this error message on a high-load-webserver: >> > >> > [proxy_http:error] [pid 13256:tid 47013272524544] (11)Resource >> > temporarily >> > unavailable: [client 172.31.0.142:21815] AH01110: error reading response >> > >> > And we have no clue, which resource is unavailable and what to do >> > against >> > it. >> > >> > Apache-2.4.10 / apr-1.5.1 >> > >> > Ulimit of apache-user: >> > core file size (blocks, -c) 0 >> > data seg size (kbytes, -d) unlimited >> > scheduling priority (-e) 0 >> > file size (blocks, -f) unlimited >> > pending signals (-i) 46666 >> > max locked memory (kbytes, -l) 655360 >> > max memory size (kbytes, -m) unlimited >> > open files (-n) 655360 >> > pipe size (512 bytes, -p) 8 >> > POSIX message queues (bytes, -q) 819200 >> > real-time priority (-r) 0 >> > stack size (kbytes, -s) unlimited >> > cpu time (seconds, -t) unlimited >> > max user processes (-u) 655360 >> > virtual memory (kbytes, -v) unlimited >> > file locks (-x) unlimited >> > >> > $ cat /proc/sys/kernel/threads-max >> > 2065067 >> > >> > >> > So, I don’t see any visible shortage of anything. >> > >> > >> > Any ideas how to find the reason for this error ? >> > >> > Uli >> > >> >> Running out of shm? >> >> How are you proxying to tomcat (http/ajp/jk2)? >> >> >> >> The message comes from mod_proxy_http, so "http" it is. >> >> >> >> Looking at how to get the ENOSPC error in that particular context, I see >> that several pieces of code can return ENOSPC based on exceeding some >> configured limit, but most don't apply to the path where that message is >> issued. >> >> >> >> Is it possible that mod_deflate is configured, perhaps unexpectedly, to >> decompress the response from the backend via an input filter? >> >> >> >> See >> http://httpd.apache.org/docs/current/mod/mod_deflate.html#deflateinflatelimitrequestbody >> (new with 2.4.10) That is part of a fix to vulnerability CVE-2014-0118. >> >> >> >> >> >> >> Cheers >> >> Tom >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx >> >> >> >> >> >> -- >> >> Born in Roswell... married an alien... >> http://emptyhammock.com/ >> >> http://edjective.org/ >> >> > > > > > -- > Born in Roswell... married an alien... > http://emptyhammock.com/ > http://edjective.org/ > -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|