On Sat, 23 Dec 2000, Cesar Eduardo Barros wrote:
> Then what do you do when you are behind a NAT? And how do you expire entries in
> ESTABLISHED state that could stay lingering forever without some sort of
> keepalive? (The FINs might have been lost due to a conectivity transient, so
> you can have another perfectly valid and alive connection with the same host,
> and application-level timeouts are useless for some applications
> (*cough*nc*cough*))
Typically, you choose a practical value for timing out inactive but
otherwise seemingly established TCP connections. The 2.4 connection
tracking code (used for NAT) uses a value of five days for this.
- James
-- James Morris <jmorris@intercode.com.au>- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Dec 23 2000 - 21:00:35 EST