On Mon, Oct 25, 2004 at 03:31:11PM -0400, Steven M. Bellovin wrote:
> In message <200410251920.i9PJKZoJ022707@herd.plethora.net>, Peter Seebach write
> s:
> >In message <20041025191757.GA1367@antioche.eu.org>, Manuel Bouyer writes:
> >>On Mon, Oct 25, 2004 at 01:30:29PM -0500, Peter Seebach wrote:
> >>> In message <20041025181938.GB705@antioche.eu.org>, Manuel Bouyer writes:
> >>> >Do you have keepalive turned on, and at which rate ?
> >>> >This could be a difference in setup on the client side.
> >>> 
> >>> net.inet.tcp.keepidle = 14400
> >>> net.inet.tcp.keepintvl = 150
> >>> net.inet.tcp.keepcnt = 8
> >>> 
> >>> Maybe I should change these?
> >>
> >>Maybe decrease keepintvl (and increase keepcnt).
> >>But first, check KeepAlive in ssh_config and sshd_config
> >
> >sshd_config didn't have it set - but the sshd side is working fine with
> >my friend's laptop.
> >
> >Interestingly, the default is "yes".  And it's not turned off.  So it
> >should be keeping the connection alive, and noticing problems.  But it
> >doesn't; it just hangs.
> >
> 
> It really sounds a lot like a NAT or firewall dropping state.  It all 

A NAT gateway will not send a TCP RST if it has dropped state, thus saying
"no socket bound to that [no longer translated] port" ?

Dave

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933