On Thu, Aug 21, 2003 at 10:31:49PM +0000, Michael van Elst wrote:
> [...]
> 
> If the system runs out of mbufs the connection will also fail,
> it doesn't wait indefinitely for free memory to appear. So there
> are conditions, completely outside the TCP protocol, that will
> "kill innocent connections". Why ? Because it is reasonable to do so.

If power goes out, the connection will be broken too.
Still, this, or running out of mbuf, is an exeptionnal event. If it isn't
then you have to do something about it (buy an UPS, or increase the number
of mbufs).

> 
> [...]
> The same could be true for an interface reconfiguration where you don't
> even have to agree with your peer about timeouts. A reasonable timeout
> to drop connections with invalid local addresses would be the time the
> peer would wait for an ACK until _it_ considers the connection dropped
> (assuming it had something to send). It is reasonable because it allows
> busy connections to survive a configuration change that finally ends
> with a valid configuration (== one that makes the socket endpoint valid
> again).

OK, this I can accept. Until now you talked about dropping a connection
when the address becomes invalid, not after a reasonable timeout after the
address becomes invalid.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 24 ans d'experience feront toujours la difference
--