Continue Exploration and Analysis of JMX listening ports

Continue Exploration and Analysis of JMX listening ports
Continue Exploration and Analysis of JMX listening ports

In the previous article, the troubleshooting of "Connection refused to host: 127.0.0.1" in zabbix monitoring tomcat continues to understand the relevant jmx knowledge. After the previous troubleshooting, a new situation was discovered.

New Phenomenon

Tomcat listens to five ports

Among them, 51024 is the http access port 52024 is the jmx listening port 53024 is the shutdown port, the remaining two ports are not useful, and communication with development, development is not listening in the program, observe the application deployed on other hosts and find that there are two ports that are not intended for listening.

As shown below

.....ps -ef | grep tripWebtomcat   20994     1  4 Jun05 ?        01:08:31 /usr/java/default/bin/java -Xms1024M -Xmx2048M -server -XX:PermSize=256M -XX:MaxPermSize=512M -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager ......lsof -p 20994 |grep LISTENjava    20994 tomcat   16u  IPv4          247485728        0t0       TCP *:52373 (LISTEN)java    20994 tomcat   17u  IPv4          247485729        0t0       TCP *:52024 (LISTEN)java    20994 tomcat   18u  IPv4          247485730        0t0       TCP *:57373 (LISTEN)java    20994 tomcat   37u  IPv4          247478500        0t0       TCP *:51024 (LISTEN)java    20994 tomcat   68u  IPv4          247485737        0t0       TCP localhost:53024 (LISTEN)

Try Analysis

Capture packets and check the communication between the two ports

It is found that the communication content on port 52373 is jmx-related data. In this example, it is the monitoring data communication between java-gateway and tomcat of zabbix.

• Example

tcpdump -X -nnn port 52373......17:11:23.903009 IP 10.0.1.2.43200 > 10.0.1.22.52373: Flags [P.], seq 4074:4215, ack 10549, win 376, options [nop,nop,TS val 3942015991 ecr 4132106950], length 141    0x0000:  4500 00c1 04bb 4000 4006 1f65 0a00 0102  E.....@.@..e....    0x0010:  0a00 0116 a8c0 cc95 0c50 7768 9869 36e9  .........Pwh.i6.    0x0020:  8018 0178 b3f4 0000 0101 080a eaf6 63f7  ...x..........c.    0x0030:  f64a f2c6 50ac ed00 0577 2200 3f44 6763  .J..P....w".?Dgc    0x0040:  3853 7066 4c16 4400 0001 5c77 0823 cd57  8SpfL.D...\w.#.W    0x0050:  66ff ffff fff0 e050 0a39 4d72 1573 7200  f......P.9Mr.sr.    0x0060:  1b6a 6176 6178 2e6d 616e 6167 656d 656e  .javax.managemen    0x0070:  742e 4f62 6a65 6374 4e61 6d65 0f03 a71b  t.ObjectName....    0x0080:  eb6d 15cf 0300 0070 7870 7400 2a6a 6176  .m.....pxpt.*jav    0x0090:  612e 6c61 6e67 3a74 7970 653d 4d65 6d6f  a.lang:type=Memo    0x00a0:  7279 506f 6f6c 2c6e 616d 653d 5053 2050  ryPool,name=PS.P    0x00b0:  6572 6d20 4765 6e78 7400 0555 7361 6765  erm.Genxt..Usage    0x00c0:  70                                       p......

57373 of packet capture data, which lasted for half an hour without data

tcpdump -X -nn dst host 10.0.1.22 and dst port 57373 

After finding the connection with jmx, I resort to google and summarize the following:

• -Dcom. sun. management. jmxremote. port

  After this parameter is specified, java will open two random ports, one as the data communication port of jmx and the other as the local connection port of jconsole. For example, above 52373 is the jmx communication port, 57373 is the jconsole Communication Port

• The jmx listening and data communication port merging method. The following two parameters can be set to the same port (effective from Java 7 update25)

 com.sun.management.jmxremote.port    com.sun.management.jmxremote.rmi.port

• How to disable listening on jconsole Port

  Add-XX: + disableattachmachism to the startup Parameter

Acknowledgment and reference

Why Java opens 3 ports when JMX is configured?

Tomcat 7 jmx configuration access