[lug] tcp keepalive

bdoctor at nda.com bdoctor at nda.com
Wed Oct 13 12:02:22 MDT 1999 

With IPchains:

/sbin/ipchains -A forward -j MASQ -s <source address> -d
<destination>
/sbin/ipchains -A forward -j MASQ -s 10.0.0.0/255.0.0.0 -d
0.0.0.0/0.0.0.0

/sbin/ipchains -M -S 999999999 0 0

The last one is important, I've had sessions live overnight,
whereas before it would disconnect, as you describe.  It's
lovely :)

-brad

Michael Deck wrote:
> 
> I'm having a problem with network session timeouts that you all might be
> able to help with. This began because I noticed that I was getting
> disconnected from Netmeeting sessions after about half an hour of
> inactivity. Since I'm using Linux as a router for an otherwise Win95
> network, the fine folks at M$ tech support started to point at the router
> as the problem. I pooh-poohed this but then I tried going to the internet
> via dialout ISP (rather than Linux-routed ISDN) and Eheu! no disconnect. I
> was still skeptical but then I noticed another problem. I'm running an
> application that accesses a Postgres database across the Internet. It makes
> a connection then does a lot of computation then wants to re-access the
> connection. After about half an hour (!) if there's no database activity,
> it can't re-establish the connection. So now I'm thinking, maybe there's
> something to what M$ said. They maid noises about tcp keepalives being sent
> (or not).
> 
> After a frustrating hour of searching usenet and the man pages (but not
> knowing really what I'm searching for) I came away with the impression that
> there is something I need to do to make my system always send keepalives
> over any TCP/IP connection, but I don't exactly know what it is. I'm
> hesitant to just start fiddling. It's also possible that my firewall is
> holding up the packets tho I think it's permitting almost all *outbound*
> traffic.
> 
> Can someone point me to the right man page or docs, or provide a little
> guidance about how to fix this? I'm running stock RH5.1 (kernel 2.0.36).
> 
> TIA,
>   Mike
> 
> Michael Deck
> Cleanroom Software Engineering, Inc.
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

-- 
Brad Doctor
Manager of System and Network Administration
NDA, An Interliant Company
www.nda.com			303-825-4124
	-	-	-	-	-	
There are no rules for March.  March is spring, sort of,
usually, March

More information about the LUG mailing list