Discussion:
Choosing a Connector Protocol
Kevin Hale Boyes
2015-06-09 13:38:29 UTC
Permalink
I'm having trouble figuring out what protocol to use for a <Connector>.
I'm using Tomcat 8 and Java 8.

The production system that Tomcat will be running on is Solaris 11 and I'm
not yet sure if I'll be able to build the tomcat native library.
So, I'm choosing between the Http11NioProtocol and Http11Nio2Protocol but I
can't figure out what the difference is.

I'll have two connectors defined - one SSL and the other non-SSL.
The non-SSL connector services user traffic in my web application with the
SSL session being terminated at the coyote load balancer.
The SSL connector services B2B traffic and it's set up for client
authentication.


I've seen the Connector Comparison chart but that doesn't really help.
The only difference seems to be that Nio uses simulated blocking.
A bit of searching seems to compare it against the blocking connector only.

So, I'm asking for help in understanding what the difference is between the
two connector protocols and how to choose the best one for my application.

Thanks,
Kevin.
Mark Thomas
2015-06-09 13:47:49 UTC
Permalink
Post by Kevin Hale Boyes
I'm having trouble figuring out what protocol to use for a <Connector>.
I'm using Tomcat 8 and Java 8.
The production system that Tomcat will be running on is Solaris 11 and I'm
not yet sure if I'll be able to build the tomcat native library.
So, I'm choosing between the Http11NioProtocol and Http11Nio2Protocol but I
can't figure out what the difference is.
I'll have two connectors defined - one SSL and the other non-SSL.
The non-SSL connector services user traffic in my web application with the
SSL session being terminated at the coyote load balancer.
The SSL connector services B2B traffic and it's set up for client
authentication.
I've seen the Connector Comparison chart but that doesn't really help.
The only difference seems to be that Nio uses simulated blocking.
A bit of searching seems to compare it against the blocking connector only.
So, I'm asking for help in understanding what the difference is between the
two connector protocols and how to choose the best one for my application.
There is very little to choose between them. Implementing an NIO2
connector was the only way to find out if there were any noticeable
performance benefits or not (there weren't). Very long term (maybe
Tomcat 10 onwards) one of NIO and NIO2 may get dropped but I think we
are several years away from even thinking about that.

Right now, I'd say go with NIO. It has been around longer and should -
in theory at least - be a little more stable.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org
Kevin Hale Boyes
2015-06-09 13:51:31 UTC
Permalink
Thanks for you help!
Post by Kevin Hale Boyes
Post by Kevin Hale Boyes
I'm having trouble figuring out what protocol to use for a <Connector>.
I'm using Tomcat 8 and Java 8.
The production system that Tomcat will be running on is Solaris 11 and
I'm
Post by Kevin Hale Boyes
not yet sure if I'll be able to build the tomcat native library.
So, I'm choosing between the Http11NioProtocol and Http11Nio2Protocol
but I
Post by Kevin Hale Boyes
can't figure out what the difference is.
I'll have two connectors defined - one SSL and the other non-SSL.
The non-SSL connector services user traffic in my web application with
the
Post by Kevin Hale Boyes
SSL session being terminated at the coyote load balancer.
The SSL connector services B2B traffic and it's set up for client
authentication.
I've seen the Connector Comparison chart but that doesn't really help.
The only difference seems to be that Nio uses simulated blocking.
A bit of searching seems to compare it against the blocking connector
only.
Post by Kevin Hale Boyes
So, I'm asking for help in understanding what the difference is between
the
Post by Kevin Hale Boyes
two connector protocols and how to choose the best one for my
application.
There is very little to choose between them. Implementing an NIO2
connector was the only way to find out if there were any noticeable
performance benefits or not (there weren't). Very long term (maybe
Tomcat 10 onwards) one of NIO and NIO2 may get dropped but I think we
are several years away from even thinking about that.
Right now, I'd say go with NIO. It has been around longer and should -
in theory at least - be a little more stable.
Mark
---------------------------------------------------------------------
Christopher Schultz
2015-06-09 18:06:32 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Mark,
Post by Mark Thomas
Post by Kevin Hale Boyes
I'm having trouble figuring out what protocol to use for a
<Connector>. I'm using Tomcat 8 and Java 8.
The production system that Tomcat will be running on is Solaris
11 and I'm not yet sure if I'll be able to build the tomcat
native library. So, I'm choosing between the Http11NioProtocol
and Http11Nio2Protocol but I can't figure out what the difference
is.
I'll have two connectors defined - one SSL and the other
non-SSL. The non-SSL connector services user traffic in my web
application with the SSL session being terminated at the coyote
load balancer. The SSL connector services B2B traffic and it's
set up for client authentication.
I've seen the Connector Comparison chart but that doesn't really
help. The only difference seems to be that Nio uses simulated
blocking. A bit of searching seems to compare it against the
blocking connector only.
So, I'm asking for help in understanding what the difference is
between the two connector protocols and how to choose the best
one for my application.
There is very little to choose between them. Implementing an NIO2
connector was the only way to find out if there were any
noticeable performance benefits or not (there weren't). Very long
term (maybe Tomcat 10 onwards) one of NIO and NIO2 may get dropped
but I think we are several years away from even thinking about
that.
Right now, I'd say go with NIO. It has been around longer and
should - in theory at least - be a little more stable.
+1

If you are going to use a LOT of TLS, I would recommend looking into
the native library. OpenSSL absolutely annihilates all of the
JSSE-based connectors for crypto performance. If you will have light
traffic, it doesn't matter which one you choose. If you will have
heavy traffic, it's worth it to get the native connector working.

The native connector is known to build and work properly on Solaris.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJVdysoAAoJEBzwKT+lPKRYBvIP/0/xjkgbPn9RIrxg1uofBpYX
lNzRWTQZ08SrZ97J/3lL+nMqNAwx2/gv0y4raJ/+Pb+LrLakU4UUvpB56/Kgczl2
Dn/QH5JYRq9iqYSvxzEx6WLubHx6GMGbYjBabCToDmlCDRyN+RahFRiKp2kym4VI
4JpsXQTkOi0hukk8sc3PntrPbNddK/pTmRmY+oFyReoGktT+cLOXlA6MrEbN8fyc
NibZAlJmNwu4INJzXwjM1BVv34uYJgjSUFhXvA1kIAyrT09N3djbx4TbFClk5D5I
STbAjMtUjHWAk0xa+dXwtgzJ9gl0jyVZhmNU6ta6B28fjv1i96mnNK2opnQxD3wJ
Fbtp1tDV+s2+gM97rdAdYHoXRApil5zpqQnvFR2B6NXhGq18SEPzP4Y7LklaopON
MMncadzIBSqfQIbPxaOjv5/ShQsw/8U4Vdt7ueWVGiabpMO8mPNBFP8DtZ1gMDHs
PLlDi5f28kXP/47caswTfhlc0u+xVw8pjPHCHj/1e2OQmdMAkuMmZVuh7WpfwjXC
b34YbxYsVmMWYFPEHrWSJpaX4qovqV4VbTNOXI6EDlrgaM/cljcxoJ+hD7yMn72h
xe2yCYjJxh8mjtl5uFla8CbAXu7Zj+sYE+8xhaLzItnXAPwtSpwbwoM/R0x2iZUg
m0GYEkifY8WeRxCP415W
=+L/c
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@tomcat.apache.org
For additional commands, e-mail: users-***@tomcat.apache.org

Loading...