Subject: Re: IP-in-TCP?
To: None <>
From: Gert Doering <>
List: tech-net
Date: 02/02/2005 11:52:12

On Wed, Feb 02, 2005 at 09:40:30PM +1100, Daniel Carosone wrote:
> On Wed, Feb 02, 2005 at 09:44:39AM +0100, Gert Doering wrote:
> > TCP will not *really* save you here.  If the idle period is long enough,
> > and the NAT device is stupid enough, it might very well time out your
> > TCP NAT table entry (without telling the endpoints, of course).
> That's what TCP keepalives are for.  NTP is handy (or annoying,
> depending on your perspective) for keeping links non-idle, too.

TCP keepalives are usually sent once per hour or so (did some googling:
default on most unixes seems to be 2 hours), which is enough to clean 
up "dead" TCP connections, but usually not enough to keep open over-eager 
NAT routers.

(This is the reason why, for example, OpenSSH contains a protocol-level
keepalive mechanism, which sends packets much more frequently).


USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany                   
fax: +49-89-35655025