DNS Reverse Lookups Creating Significant Performance Issues

[ram-ibm]

Describe the bug I am working with a customer to analyze performance issues with IBM Security Verify Access Appliance. This has WebSphere Liberty running inside of it. The appliance has IPv6 configured. Calls to LDAP server are making a DNS lookup using IPv6 that are timing out after 5seconds. This is causing unnecessary delays.

We are working around the issue by coding local /etc/hosts entries for the LDAP servers (and Oracle as well) to avoid the DNS lookup issue. This is, unfortunately, not a tenable solution - since there are too many servers to maintain /etc/host entries.

Providing a stack trace obtained from glowroot agent data used for analyzing.

Steps to Reproduce Configure IPv6 on a Server that has Liberty Running Make sure local DNS does not support IPv6 Trying making connections to LDAP or Oracle (it is possible other servers have similar issue)

Expected behavior We need a way to either avoid the IPv6 lookups and/or avoid the reverse lookup all together.

Diagnostic information:

• product = WebSphere Application Server 19.0.0.7 (wlp-1.0.30.cl190720190711-1115)
• wlp.install.dir = /opt/ibm/wlp/
• server.config.dir = /opt/IBM/wlp/usr/servers/runtime/
• java.home = /opt/ibm/java-x86_64-80/jre
• java.version = 1.8.0_191
• java.runtime = Java(TM) SE Runtime Environment (8.0.5.27 - pxa6480sr5fp27-20190104_01(SR5 FP27))
• os = Linux (3.10.0-862.14.4.el7_1.iss8_1.28.x86_64; amd64) (en_US)
• process = 29180@135.28.180.15

Additional context Explored JVM options to turn off the Security Manager, dont think that is viable. IPv6 is needed for this server - so we cannot turn it off entirely.

[ram-ibm]

We are going to try using this setting to suppress IPv6 based DNS lookups: -Djava.net.preferIPv4Stack=true

Still unclear why a reverse lookup is happening and if we have control over that?