Re: TCP_CONNTRACK_ESTABLISHED 5days
From: Mogens Valentin
Date: Wed May 04 2005 - 06:24:37 EST
Henrik Nordstrom wrote:
On Mon, 2 May 2005, Mogens Valentin wrote:
I fail to understand why TCP_CONNTRACK_ESTABLISHED has to be 5 days.
The likelyhood for valid TCP connections without a single packet for
some days is relatively high. Consider for example a SSH or telnet
session left open over the weekend (without TCP keepalives enabled).
Well, maybe.. WRT ssh, this can be solved with something like
ClientAliveInterval 20; ClientAliveCountMax 15
giving a lifetime of 5mins before sshd disconnects, enough for me, since
I never like keeping ssh sessions open (but thats just me).
Guess TCP_CONNTRACK_ESTABLISHED is something we'll have to set
individually, according to use and conciousness :-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html