From d3004aae45cb168f64b17f12312e037a1688e4f0 Mon Sep 17 00:00:00 2001 From: Jim Schaff Date: Thu, 7 May 2026 10:42:39 -0400 Subject: [PATCH] Don't cache failed DNS lookups in the desktop client MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When a laptop wakes from sleep, transient DNS resolution failures get cached by Java's InetAddress cache. Our continuous polling loop then hits the cached failure faster than the 10s default negative TTL can expire, wedging the client at "connecting…" until the user restarts it. The OS resolver is fine — `host vcell-dev.cam.uchc.edu` returns the correct IP — but the JVM never re-queries it. Set Security properties at the top of main(), before any DNS lookup: - networkaddress.cache.ttl=30 (modest positive cache, matches the non-SecurityManager default but makes it explicit and stable) - networkaddress.cache.negative.ttl=0 (never cache failures; recover immediately when DNS comes back) Asymmetric TTL is the established pattern for long-running JVMs that need to recover from transient DNS issues — see AWS SDK and Oracle networking-properties guidance. Programmatic Security.setProperty is the only reliable mechanism: -D JVM args don't bridge to security properties, and -Dsun.net.inetaddr.ttl is undocumented in modern Java. Observed in user log: >> polling failure << vcell-dev.cam.uchc.edu: nodename nor servname provided, or not known (repeating, after laptop sleep/wake) Co-Authored-By: Claude Opus 4.7 (1M context) --- .../src/main/java/cbit/vcell/client/VCellClientMain.java | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/vcell-client/src/main/java/cbit/vcell/client/VCellClientMain.java b/vcell-client/src/main/java/cbit/vcell/client/VCellClientMain.java index 5fcfe9621b..b1f3c48f63 100644 --- a/vcell-client/src/main/java/cbit/vcell/client/VCellClientMain.java +++ b/vcell-client/src/main/java/cbit/vcell/client/VCellClientMain.java @@ -80,6 +80,14 @@ private VCellClientMain() { * @param args an array of command-line arguments */ public static void main(java.lang.String[] args) { + // Recover gracefully when DNS lookups fail transiently (e.g. laptop wake from sleep). + // Java's default 10s negative-result cache combined with our continuous polling loop + // wedges the client at "connecting…" until restart, because the polling interval is + // shorter than the cache TTL so the cached failure never expires. A short positive + // TTL still gives reasonable cache locality without holding stale entries indefinitely. + java.security.Security.setProperty("networkaddress.cache.ttl", "30"); + java.security.Security.setProperty("networkaddress.cache.negative.ttl", "0"); + System.out.println("starting with arguments " + Arrays.asList(args)); int exitCode = 1; try {