Subject: Re: ipnat question
To: Wojciech Puchar <email@example.com>
From: Bill Sommerfeld <firstname.lastname@example.org>
Date: 07/19/2001 06:38:43
> > it's interesting to note that in src/sys/netinet/ip_state.c, there is
> > a line that says
> > #define FIVE_DAYS (2 * 5 * 86400) /* 5 days: half closed session */
> > although 2 * 5 * 86400 is clearly ten days. anyway, you can find the
> > rest of the default timesouts in that file.
ip_nat.c::natexpire() makes it clear that these are in 2Hz ticks, so 5
days is indeed correct.
> SO LONG timeouts?!
*any* idle timeout in a NAT may result in spuriously dropped