Subject: Re: IP-in-TCP?
To: None <tech-net@netbsd.org>
From: Gert Doering <gert@greenie.muc.de>
List: tech-net
Date: 02/02/2005 11:52:12
Hi,

On Wed, Feb 02, 2005 at 09:40:30PM +1100, Daniel Carosone wrote:
> On Wed, Feb 02, 2005 at 09:44:39AM +0100, Gert Doering wrote:
> > TCP will not *really* save you here.  If the idle period is long enough,
> > and the NAT device is stupid enough, it might very well time out your
> > TCP NAT table entry (without telling the endpoints, of course).
> 
> That's what TCP keepalives are for.  NTP is handy (or annoying,
> depending on your perspective) for keeping links non-idle, too.

TCP keepalives are usually sent once per hour or so (did some googling:
default on most unixes seems to be 2 hours), which is enough to clean 
up "dead" TCP connections, but usually not enough to keep open over-eager 
NAT routers.

(This is the reason why, for example, OpenSSH contains a protocol-level
keepalive mechanism, which sends packets much more frequently).

gert


-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@greenie.muc.de
fax: +49-89-35655025                        gert@net.informatik.tu-muenchen.de
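
The point made in the message above, as an added example that is not part of the original post: per-socket keepalive settings can replace the hours-long system default with probes that arrive before a NAT mapping expires. It assumes a platform that provides `TCP_KEEPIDLE`, `TCP_KEEPINTVL` and `TCP_KEEPCNT` (Linux, for instance); the helper names and the 300-second NAT timeout are constructed for illustration.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>

/* Idle time before the first probe: half the NAT mapping timeout, so a
 * lost probe still leaves room for retries before the entry expires. */
int keepalive_idle_for_nat(int nat_timeout_secs)
{
    int idle = nat_timeout_secs / 2;
    return idle < 1 ? 1 : idle;
}

/* Enable keepalives on fd and override the system-wide (hours-long)
 * default for this socket only. Returns the idle time set, or -1. */
int enable_nat_keepalive(int fd, int nat_timeout_secs)
{
    int on = 1, cnt = 3;                       /* give up after 3 lost probes */
    int idle = keepalive_idle_for_nat(nat_timeout_secs);
    int intvl = idle / 4 < 1 ? 1 : idle / 4;   /* gap between retries */

    if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof on) < 0 ||
        setsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &idle, sizeof idle) < 0 ||
        setsockopt(fd, IPPROTO_TCP, TCP_KEEPINTVL, &intvl, sizeof intvl) < 0 ||
        setsockopt(fd, IPPROTO_TCP, TCP_KEEPCNT, &cnt, sizeof cnt) < 0)
        return -1;
    return idle;
}

/* Read back the idle time the kernel actually stored, or -1 on error. */
int keepalive_idle_of(int fd)
{
    int idle = 0;
    socklen_t len = sizeof idle;
    if (getsockopt(fd, IPPROTO_TCP, TCP_KEEPIDLE, &idle, &len) < 0)
        return -1;
    return idle;
}

int main(void)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0 || enable_nat_keepalive(fd, 300) < 0) {  /* 300 s: constructed */
        perror("keepalive");
        return 1;
    }
    printf("first probe after %d s idle\n", keepalive_idle_of(fd));
    close(fd);
    return 0;
}
```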