Christian's questions

I want to capture some traffic with tcpdump for troubleshooting. The problem is, the error is not reproducible. To not fill up the hole disks with captures, I would like to capture the traffic with some sort of sliding window.

Let's say I write the capture to a file and when the file reaches a size of 1GB it will drop the oldest packets and write the new ones. This way I would only get the traffic for some hours but hopefully enough to have the right packets when the user calls.

I couldn't find an option for tcpdump. Has someone an idea how to solve this?

i've a problem with our jmx monitoring. we monitor the perm gen of some jvms with jmx. but from time to time the name of the mbean changes from "PS Perm Gen" to "Perm Gen" or vice versa. it happens with a restart of the tomcat server, but not with every restart.

the jvm version is 1.5.0_16.

has anyone experienced this problem and perhaps has a solution?

is it possible to replicate the mod_jk sticky session information to another apache for an failover setup?

the idea behind the question is to setup two apaches with sticky sessions in front off some tomcats. when one apaches fails, the other one should take over the mod_jk session information so he knows which requests to serve to what tomcat.

i know an alternative would be session replication at the tomcat level and not to use sticky sessions, but this is not possible at the moment.

I have a problem with an apache who's stalling with too much requests. When I take a look at the server-status page I can see that most of the connections are in state "Reading Request", but do not finish. When I do a graceful restart, all of the "Reading Request"-connections disappear. Because the restart does not take long, I belief the connections are not used any more.

The apache is filling up with these request over some time (> 30 minutes). But when the connections are not used any more, I would expect some timeout to kill these connections, but this does not happen or the timeout is too big.

Does anyone know which timeout should kill these connections or am I searching at the wrong point?

Some details to the setup:
apache 2.0.55 on HP-UX with mod_jk 1.2.10
Most of the connections in state "Reading Request" are connections to an tomcat backend over mod_jk (client --> HP-UX apache --> Tomcats), but not all of them.
I know that mod_jk is a very old version, it is planned to be updated soon.

But I do not suspect mod_jk, because the same effect appears when redirecting the connections to another apache with newer mod_jk and then redirecting the connections to the tomcats (client --> HP-UX apache --> Linux apache --> Tomcats). It is always the HP-UX apache filling up with "RR"-connections.

I have to create heapdumps, which works nice with jmap. My problem is, that jmap takes very long to create the heapdump file. Especially when the heap is getting bigger (> 1GB) it is taking too long.

One situation as example:
When the server gets into trouble with the heapspace, I want to restart it automatically and create a heapdump before the restart. This works, but takes too long to write the heapdump. This way the server is down for too long. The heapdump creation takes longer than one hour.

I know about -XX:+HeapDumpOnOutOfMemoryError, but most of the time I can find the memory problem before the exception is thrown by the jvm.

Is there an alternative to jmap which writes the heapdumps faster?
A special solution for the example above would also be appreciated.

This question is a mix between programming and system-administration, but I think I'm at the right place here.