Tomcat doesn't appear to work out of the box on a fresh CentOS 6.5. Am I missing something?

Question

I install CentOS 6.5 with the "Web Server" package selection and everything else as defaults.

I do a service tomcat6 start, then a ss -ntlp to confirm that Tomcat is listening on port 8080, as specified in the default Tomcat 6 /etc/tomcat6/server.xml. This is the output:

State       Recv-Q Send-Q                                             Local Address:Port                                               Peer Address:Port
LISTEN      0      128                                                           :::111                                                          :::*                                users:(("rpcbind",1012,11))
LISTEN      0      128                                                            *:111                                                           *:*                                users:(("rpcbind",1012,8))
LISTEN      0      100                                                           :::8080                                                         :::*                                users:(("java",1561,37))
LISTEN      0      128                                                           :::22                                                           :::*                                users:(("sshd",1216,4))
LISTEN      0      128                                                            *:22                                                            *:*                                users:(("sshd",1216,3))
LISTEN      0      128                                                    127.0.0.1:631                                                           *:*                                users:(("cupsd",1102,7))
LISTEN      0      128                                                          ::1:631                                                          :::*                                users:(("cupsd",1102,6))
LISTEN      0      100                                                          ::1:25                                                           :::*                                users:(("master",1292,13))
LISTEN      0      100                                                    127.0.0.1:25                                                            *:*                                users:(("master",1292,12))
LISTEN      0      128                                                           :::33081                                                        :::*                                users:(("rpc.statd",1030,11))
LISTEN      0      128                                                            *:33657                                                         *:*                                users:(("rpc.statd",1030,9))
LISTEN      0      1                                               ::ffff:127.0.0.1:8005                                                         :::*                                users:(("java",1561,39))
LISTEN      0      50                                                            :::8009                                                         :::*                                users:(("java",1561,38))

Does this mean that Tomcat is only listening on IPv6 instead of both IPv6 and IPv4? Why won't it work properly "out of the box", so to speak?

You should add more options to your `ss` command, to list only TCP listeners, and show the processes: `ss -ntlp` — Michael Hampton, Dec 14 '13 at 19:10
Interesting. I have updated the question accordingly, according to this new information. — James, Dec 14 '13 at 20:01
Thanks for your pointers. I've updated the original question to be more verbose and more clear. — James, Dec 14 '13 at 20:09

score 1 · Answer 1 · answered Dec 14 '13 at 20:14

1

It depends on the value of the sysctl net.ipv6.bindv6only.

If this is set to 0, a listener on the IPv6 INADDR6_ANY address (::) will listen for both IPv6 and IPv4 connections, unless the application itself also set IPV6_V6ONLY on the socket.

If this is set to 1, such a listener will listen only for IPv6 connections.

# sysctl net.ipv6.bindv6only
net.ipv6.bindv6only = 0

It should be trivial to test whether the application is listening on IPv4...

telnet 127.0.0.1 8080

answered Dec 14 '13 at 20:14

Michael Hampton

237,123
42
477
940

A `sysctl net.ipv6.bindv6only` on an out of the box CentOS 6.5 shows that `net.ipv6.bindv6only = 0`, which means that this isn't the answer that I'm looking for. Furthermore, `telnet 127.0.0.1 8080` times out, which confirms that the ss command output is accurate. – James Dec 14 '13 at 20:43
Times out? Did you firewall the lo interface?! – Michael Hampton Dec 14 '13 at 20:46
Telnet output is this: "Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. Connection closed by foreign host." I haven't configured any firewall rules. As I've said, this is a completely fresh CentOS install. Regardless, it seems that an iptables rule would not stop port 8080 from showing up on an ss command, which seems to be the actual problem. – James Dec 14 '13 at 20:56
Well, aside from Tomcat closing the connection, it seems to be working. Of course, you probably don't want Tomcat to do that, but why it is doing that might be something to do with the way it's been configured. – Michael Hampton Dec 14 '13 at 20:58

Tomcat doesn't appear to work out of the box on a fresh CentOS 6.5. Am I missing something?

1 Answers1