> I think 500 ms is crazy; I bet if you went to IETF everyone would say
> that's abusive.

For general-purpose use on the open Internet, I agree.

But for special-purpose applications like detecting dead machines on
small closed private networks...well, "Unix does not prevent you from
doing stupid things because that would also prevent you from doing
clever things".

This is not to say that I would consider it a bad thing if getting
below, say, 15 seconds required a kernel rebuild.

> If an admin does want to force apps that don't want keepalive, then
> that's another sysctl to override policy but it seems unwarranted.

I'm not so sure.  Back around the turn of the millenium, I hacked my
kernel to force keepalives on for all TCP connections, no matter what
the applicaiton specified, because I was stuck dealing with a NAT box
with an insanely low state timeout (something like 45 seconds) that
kept killing my connections.  If I'd had a sysctl switch I could have
flipped instead of having to hack the source, I would have.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B