Avoiding JVM delays caused by random number generation

The library used for random number generation in Oracle’s JVM relies on /dev/random by default for UNIX platforms. This can potentially block the WebLogic Server process because on some operating systems /dev/random waits for a certain amount of “noise” to be generated on the host machine before returning a result.

Although /dev/random is more secure, it’s recommended to use /dev/urandom if the default JVM configuration delays WebLogic Server startup. To determine if your operating system exhibits this behaviour, try displaying a portion of the file from a shell prompt: head -n 1 /dev/random

If the command returns immediately, you can use /dev/random as the default generator for JVM. If the command does not return immediately, use these steps to configure the JVM to use /dev/urandom:

  1. Open the $JAVA_HOME/jre/lib/security/java.security file in a text editor.
  2. Change the line “securerandom.source=file:/dev/random” to read: securerandom.source=file:/dev/./urandom
  3. Save your change and exit the text editor.

And because there’s a bug in JDK when you use /dev/urandom you have to set it up as /dev/./urandom

You can also set up system property “java.security.egd” which will override the securerandom.source setting.
-Djava.security.egd=file:/dev/./urandom


Posted

in

by

Comments

5 responses to “Avoiding JVM delays caused by random number generation”

  1. krist0ph3r Avatar

    Thanks! Just curious, has this changed with later versions of Java?

  2. Tao Avatar
    Tao

    I seen this from my eclipse config window and wonder what it is. And this is what is. Thanks

  3. Peter Avatar
    Peter

    With respect with the test to determine if your operating system exhibits this behaviour, you should really run the shell command ‘head -n 1 /dev/random’ a few times, because results may vary. In my case, the first two runs returned in milliseconds, only the third took almost three minutes.

    1. Robert Brown Avatar
      Robert Brown

      I ran the test once and it returned instantly. — Glad I read to bottom of page — second run was also instant. I am still waiting for the third try to return – may go to lunch and see if it ever returns.

      RGB

  4. punit porwal Avatar
    punit porwal

    great post to understand this random number generation by jvm

Leave a Reply

Your email address will not be published. Required fields are marked *