Avoiding JVM delays caused by random number generation

The library used for random number generation in Oracle’s JVM relies on /dev/random by default for UNIX platforms. This can potentially block the WebLogic Server process because on some operating systems /dev/random waits for a certain amount of “noise” to be generated on the host machine before returning a result.

Although /dev/random is more secure, it’s recommended to use /dev/urandom if the default JVM configuration delays WebLogic Server startup. To determine if your operating system exhibits this behaviour, try displaying a portion of the file from a shell prompt: head -n 1 /dev/random

If the command returns immediately, you can use /dev/random as the default generator for JVM. If the command does not return immediately, use these steps to configure the JVM to use /dev/urandom:

  1. Open the $JAVA_HOME/jre/lib/security/java.security file in a text editor.
  2. Change the line “securerandom.source=file:/dev/random” to read: securerandom.source=file:/dev/./urandom
  3. Save your change and exit the text editor.

And because there’s a bug in JDK when you use /dev/urandom you have to set it up as /dev/./urandom

You can also set up system property “java.security.egd” which will override the securerandom.source setting.
-Djava.security.egd=file:/dev/./urandom

5 thoughts on “Avoiding JVM delays caused by random number generation”

  1. With respect with the test to determine if your operating system exhibits this behaviour, you should really run the shell command ‘head -n 1 /dev/random’ a few times, because results may vary. In my case, the first two runs returned in milliseconds, only the third took almost three minutes.

    1. I ran the test once and it returned instantly. — Glad I read to bottom of page — second run was also instant. I am still waiting for the third try to return – may go to lunch and see if it ever returns.

      RGB

Leave a Reply

Your email address will not be published. Required fields are marked *