Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sat, 23 Dec 2000 21:23:44 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sat, 23 Dec 2000 21:23:34 -0500 Received: from blackbird.intercode.com.au ([203.32.101.10]:1290 "EHLO blackbird.intercode.com.au") by vger.kernel.org with ESMTP id ; Sat, 23 Dec 2000 21:23:18 -0500 Date: Sun, 24 Dec 2000 12:52:12 +1100 (EST) From: James Morris To: Cesar Eduardo Barros cc: David Schwartz , Subject: Re: TCP keepalive seems to send to only one port In-Reply-To: <20001223223814.A2281@flower.cesarb> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Sat, 23 Dec 2000, Cesar Eduardo Barros wrote: > Then what do you do when you are behind a NAT? And how do you expire entries in > ESTABLISHED state that could stay lingering forever without some sort of > keepalive? (The FINs might have been lost due to a conectivity transient, so > you can have another perfectly valid and alive connection with the same host, > and application-level timeouts are useless for some applications > (*cough*nc*cough*)) Typically, you choose a practical value for timing out inactive but otherwise seemingly established TCP connections. The 2.4 connection tracking code (used for NAT) uses a value of five days for this. - James -- James Morris - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/