IBM Support

PM35469: NETWORK FRAGMENTATION OCCURS WITH SSL AND MOD_DEFLATE.

Fixes are available

7.0.0.19: WebSphere Application Server V7.0 Fix Pack 19
7.0.0.21: WebSphere Application Server V7.0 Fix Pack 21
7.0.0.23: WebSphere Application Server V7.0 Fix Pack 23
7.0.0.25: WebSphere Application Server V7.0 Fix Pack 25
7.0.0.27: WebSphere Application Server V7.0 Fix Pack 27
7.0.0.29: WebSphere Application Server V7.0 Fix Pack 29
6.1.0.47: WebSphere Application Server V6.1 Fix Pack 47
7.0.0.31: WebSphere Application Server V7.0 Fix Pack 31
7.0.0.27: Java SDK 1.6 SR13 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.33: WebSphere Application Server V7.0 Fix Pack 33
7.0.0.35: WebSphere Application Server V7.0 Fix Pack 35
7.0.0.37: WebSphere Application Server V7.0 Fix Pack 37
7.0.0.39: WebSphere Application Server V7.0 Fix Pack 39
7.0.0.41: WebSphere Application Server V7.0 Fix Pack 41
7.0.0.43: WebSphere Application Server V7.0 Fix Pack 43
7.0.0.45: WebSphere Application Server V7.0 Fix Pack 45
6.1.0.39: Java SDK 1.5 SR12 FP4 Cumulative Fix for WebSphere Application Server
6.1.0.41: Java SDK 1.5 SR12 FP5 Cumulative Fix for WebSphere Application Server
6.1.0.43: Java SDK 1.5 SR13 Cumulative Fix for WebSphere Application Server
6.1.0.45: Java SDK 1.5 SR14 Cumulative Fix for WebSphere Application Server
6.1.0.47: Java SDK 1.5 SR16 Cumulative Fix for WebSphere Application Server
7.0.0.19: Java SDK 1.6 SR9 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.21: Java SDK 1.6 SR9 FP2 Cumulative Fix for WebSphere
7.0.0.23: Java SDK 1.6 SR10 FP1 Cumulative Fix for WebSphere
7.0.0.25: Java SDK 1.6 SR11 Cumulative Fix for WebSphere Application Server
7.0.0.27: Java SDK 1.6 SR12 Cumulative Fix for WebSphere Application Server
7.0.0.29: Java SDK 1.6 SR13 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.45: Java SDK 1.6 SR16 FP60 Cumulative Fix for WebSphere Application Server
7.0.0.31: Java SDK 1.6 SR15 Cumulative Fix for WebSphere Application Server
7.0.0.35: Java SDK 1.6 SR16 FP1 Cumulative Fix for WebSphere Application Server
7.0.0.37: Java SDK 1.6 SR16 FP3 Cumulative Fix for WebSphere Application Server
7.0.0.39: Java SDK 1.6 SR16 FP7 Cumulative Fix for WebSphere Application Server
7.0.0.41: Java SDK 1.6 SR16 FP20 Cumulative Fix for WebSphere Application Server
7.0.0.43: Java SDK 1.6 SR16 FP41 Cumulative Fix for WebSphere Application Server

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Use of mod-deflate with SSL can cause network fragmentation.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM HTTP Server users who use SSL and have  *
    *                  also enabled the optional mod_deflate       *
    *                  module                                      *
    ****************************************************************
    * PROBLEM DESCRIPTION: Responses are fragmented into many      *
    *                      smaller packets when the mod_deflate    *
    *                      and mod_ibm_ssl modules are both used.  *
    ****************************************************************
    * RECOMMENDATION:  Apply this fix if using both SSL and the    *
    *                  mod_deflate module.                         *
    ****************************************************************
    The fix is disabled by default.  The new environment variable
    'IHS_SSL_SEND_MERGE' must be defined in order to enable the fix.
    
    For example, on a Unix Operating system you could edit
    bin/envvars and add these lines:
    
    IHS_SSL_SEND_MERGE=x
    export IHS_SSL_SEND_MERGE
    
    (where "x" can be anything - its actual value doesn't matter.)
    

Problem conclusion

  • A fix is being provided to resolve network fragmentation when
    using mod_deflate with SSL.
    
    This fix is targeted for IBM HTTP Server fixpacks:
    - 6.1.0.39
    - 7.0.0.19
    
    Future releases of IBM HTTP Server will act as if the property
    IHS_SSL_SEND_MERGE is always set, and the behavior cannot be
    disabled.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM35469

  • Reported component name

    IBM HTTP SERVER

  • Reported component ID

    5724J0801

  • Reported release

    61A

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2011-03-23

  • Closed date

    2011-04-01

  • Last modified date

    2011-04-18

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    IBM HTTP SERVER

  • Fixed component ID

    5724J0801

Applicable component levels

  • R61A PSY

       UP

  • R61H PSY

       UP

  • R61I PSY

       UP

  • R61S PSY

       UP

  • R61W PSY

       UP

  • R61Z PSY

       UP

  • R700 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
07 September 2022