The server is waiting for tcp/ip disconnect, which is
never coming
because the firewall eats this, resulting in backends
waiting to death.
Again: you'll have to request your sysadmin to fix the
firewall, at
least on that pgsql port for internal use. Timeouts
simply don't make
sense here. You won't have DOS attacks internally, I
hope (if you do,
locate the aggressor, and eliminate him).
The architecture just doesn't fit here - it's two LANs connected over a
VLAN, so the firewall is between us and the open internet, even though
the PG-server is in it's own LAN. I can not fix the firewall, it's not
in my jurisdiction and I cannot take it there. Changing
firewall-settings is simply not an option for me. I see that there's no
way that you would consider implementing a keep-alive feature. That's
fine, I shall have to live with the issue. Sorry to have asked in the
first place.
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
