Clovertech

Reply To: firewall problems and workarounds –

Clovertech Forums Read Only Archives Cloverleaf Cloverleaf firewall problems and workarounds – Reply To: firewall problems and workarounds –

October 27, 2005 at 7:14 pm #57654
Anonymous
Participant

    I found this associated with windows based systems.  It looks like a standard implementation of tcp includes a default keep alive at 2 hours with a socket open with keepalive modifying it for that socket only. And of course other parms that will cause the socket to close after several failures of the keepalive ack.

    I am in the porcess of setting this up between an aix and windows system with a brain dead firewall (60 min global timeout,no notification) and will post the results.

    http://www.winguides.com/registry/display.php/891/

    and this from another website

    I-322 If your aborted sessions aren’t properly cleaned up or if your idle but live sessions are dropped inadvertently, you may need to adjust these two registry parameters.

    Hive: HKEY_LOCAL_MACHINE

    Key: SystemCurrentControlSetServicesTcpipParameters

    Value Name: KeepAliveTime

    Data Type: REG_DWORD

    Value: 7,200,000  

    I-323 Hive: HKEY_LOCAL_MACHINE

     Key: SystemCurrentControlSetServicesTcpipParameters

     Value Name: KeepAliveInterval

     Data Type: REG_DWORD

     Value: 1000  

    Both values are in milliseconds. The default value for KeepAliveTime is 7,200,000, or 2 hours, and the default for KeepAliveInterval is 1000, or 1 second. KeepAliveTime governs how often Windows NT sends a keep alive packet. A specific application can request that keep-alive packets be sent. If the target system is able, it responds with an acknowledgment. The KeepAliveInterval works with the KeepAliveTime and governs how often keep-alive packets are sent until an acknowledgment is received. If the target machine doesn’t respond and the number of retries exceeds the value of TCPMaxDataRetransmissions, the connection is terminated. Restart your machine for any changes to take effect.

    Looking at this, the implication is

    KeepAliveTime governs how often Windows NT sends a keep alive packet  – every 2 hours the system send a keepalaive packet

    A specific application can request that keep-alive packets be sent. If the target system is able, it responds with an acknowledgment. The KeepAliveInterval works with the KeepAliveTime and governs how often keep-alive packets are sent until an acknowledgment is received.

    implication – if an app opens a socket with keepalive, a keep alive will be sent every second, if no keepalive ack after 2 hours, ….  While not specifically stated I am assuming the connection may closed ? I thing the other parameters play a bigger part in closing the connection on keepalive timeouts