Subject: Re: ssh connections dropping...?
To: None <firstname.lastname@example.org>
From: Wolfgang S. Rupprecht <wolfgang+gnus20041025T144736@dailyplanet.dontspam.wsrcc.com>
Date: 10/25/2004 14:59:19
> >>different keepalive timeouts? A tunneled pop connection that's polled
> >>often enoug?
> >No tunneling I know of. OS X's default keepalive timeout is about 10x
> One easy test is to run something like
> while true
> do echo -n .
> sleep 60
A buddy of mine had some kind of lame NAT box that would regularly
lose state on a quiet connection. The simplest test was to add this
# Set the keep-alive for a heartbeat every 60 seconds and a connection
# close after 30 minutes. -wsr 2003/11/26
Note, this facility isn't a tcp-level keep-alive, but a keep alive
sent by sshd itself inside the ssh tunnel. The stated goal is to keep
attackers from keeping the tunnel open by tcp spoofing attacks. I
can't get too excited about that attack, but the fact that the
user-accessible knobs let you tune the "ping" interval and the max
drops is pretty darn useful. The two extra packets a minute seem like
a small price to pay for keeping the NAT boxes of the world happy.
And yes, that did the trick. There were no more drops after turning
Wolfgang S. Rupprecht http://www.wsrcc.com/wolfgang/