Subject: Re: IP-in-TCP?
To: Seth Kurtzberg <firstname.lastname@example.org>
From: Steven M. Bellovin <email@example.com>
Date: 02/02/2005 15:32:10
In message <4201370D.firstname.lastname@example.org>, Seth Kurtzberg writes:
>Gert Doering wrote:
>>TCP keepalives are usually sent once per hour or so (did some googling:
>>default on most unixes seems to be 2 hours), which is enough to clean
>>up "dead" TCP connections, but usually not enough to keep open over-eager
The two hour figure is from Section 184.108.40.206 of RFC 1122.
>That's just a default. Usually you can override the default with a
>setsockopt call, or an ioctl call, depending on the O/S.
It's a sysctl on NetBSD.
>However, I've found in many cases that TCP keepalive is simply broken
>(not in NetBSD, but broken anywhere along the path is broken for the
Hmm -- details? I'm surprised that anything else notices.
>>(This is the reason why, for example, OpenSSH contains a protocol-level
>>keepalive mechanism, which sends packets much more frequently).
Not a bad idea, though from what I can see it's solely a server option;
there's no way a client -- say, one behind a @#$%^ NAT box -- can
generate such messages (at least not that I see from a quick glance at
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
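The per-socket override mentioned in the thread, and the question of whether a two-hour keepalive can refresh a NAT binding, as an added Python example (not code from the thread or from any of its authors). The Linux option names TCP_KEEPIDLE, TCP_KEEPINTVL and TCP_KEEPCNT and the NAT idle timeout used below are assumptions.

```python
import socket

# Default discussed in the thread: keepalive idle time of two hours (RFC 1122).
RFC1122_DEFAULT_IDLE_SECONDS = 2 * 60 * 60

# Linux option name; macOS calls the same knob TCP_KEEPALIVE (assumption).
TCP_KEEPIDLE = getattr(socket, "TCP_KEEPIDLE", getattr(socket, "TCP_KEEPALIVE", None))


def configure_keepalive(sock, idle, interval, count):
    """Enable TCP keepalive on one socket with per-socket timers.

    idle/interval are seconds, count is the number of unanswered probes.
    Returns what the kernel reports back so the caller can verify the override
    actually took effect instead of trusting the system-wide default.
    """
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    sock.setsockopt(socket.IPPROTO_TCP, TCP_KEEPIDLE, idle)
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, interval)
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, count)
    return {
        "enabled": bool(sock.getsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE)),
        "idle": sock.getsockopt(socket.IPPROTO_TCP, TCP_KEEPIDLE),
        "interval": sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL),
        "count": sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT),
    }


def dead_peer_detection_seconds(idle, interval, count):
    """Worst-case time before a silently dead peer is declared gone:
    the idle period, then `count` unanswered probes spaced `interval` apart."""
    return idle + interval * count


def keeps_nat_mapping_alive(idle, nat_idle_timeout):
    """A keepalive refreshes a NAT binding only if the first probe leaves
    before the translator's idle timer expires; the RFC 1122 default loses
    against any NAT that forgets idle flows in minutes."""
    return idle < nat_idle_timeout


def demo():
    """Constructed example: a 60 s idle / 10 s interval / 3 probe policy."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        return configure_keepalive(s, idle=60, interval=10, count=3)
```

Reading the values back matters because some stacks silently clamp or ignore per-socket keepalive timers.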