> > Considering the number of hosts on the net today, which come and > go with no warning and with dynamic IP assignments, I would propose > that we disregard what the "old farts" felt about TCP keepalives, > and enable the sysctl net.inet.tcp.always_keepalive as default. > > Setting this will make all TCP connections send a probing ACK every > couple of hours if no other activity were present on the connection, > this enables the TCP stack to figure out if the other end has gone > or is still there. > > The typical symptom that you need this is that netstat shows many > connections which have been standing there for any amount of time > up to your uptime, simply because your machine is waiting to receive > something from the other end, and for all practical purposes, "the > other end" doesn't exist anymore.
I have no problem with this, though the traffic load created by the aggregate base of installed FreeBSD boxes over the global internet might even be measurable :-). > > The argument against is that this will increas trafic and keep > dynamic lines up when they should otherwise have been allowed to > fall down. > > The former argument doesn't hold water, since we're talking about > a TCP segment per hour (or less) per connection. > > The second argument falls on the same reasoning in my book, I don't > know of any on-demand lines with a timeout longer than 10 minutes > anyway. Well, we run many at 1 to 3 hours, but then they have ``activity filters'' that could be tweaked to not consider these packets as real traffic so they would still timeout. I would rather save the connection table for things that are useful than save a few port/hours of connect time :-). This may have more drastic effects for others though. -- Rod Grimes - KD7CAX - (RWG25) rgri...@gndrsh.aac.dev.com Accurate Automation, Inc. Reliable computers for FreeBSD http://www.aai.dnsmgr.com To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-current" in the body of the message
