Subject: Re: IP-in-TCP?
To: None <tech-net@netbsd.org>
From: Gert Doering <gert@greenie.muc.de>
List: tech-net
Date: 02/02/2005 11:52:12
Hi,
On Wed, Feb 02, 2005 at 09:40:30PM +1100, Daniel Carosone wrote:
> On Wed, Feb 02, 2005 at 09:44:39AM +0100, Gert Doering wrote:
> > TCP will not *really* save you here. If the idle period is long enough,
> > and the NAT device is stupid enough, it might very well time out your
> > TCP NAT table entry (without telling the endpoints, of course).
>
> That's what TCP keepalives are for. NTP is handy (or annoying,
> depending on your perspective) for keeping links non-idle, too.
TCP keepalives are usually sent once per hour or so (did some googling:
default on most unixes seems to be 2 hours), which is enough to clean
up "dead" TCP connections, but usually not enough to keep open over-eager
NAT routers.
(This is the reason why, for example, OpenSSH contains a protocol-level
keepalive mechanism, which sends packets much more frequently).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert@greenie.muc.de
fax: +49-89-35655025 gert@net.informatik.tu-muenchen.de