[ale] Idle Sockets vs. Firewall question
Christopher Fowler
cfowler at outpostsentinel.com
Fri Oct 20 11:57:26 EDT 2006
If you control the device at the other end I would tweak the
tcp_keepalive settings in the kernel. Maybe drop it down from 2 hours
to 10 minutes. I do not know if the firewalls will consider that
traffic or not.
On Fri, 2006-10-20 at 10:46 -0400, Greg Freemyer wrote:
> All,
>
> I'm wondering if it is common for firewalls to close idle sockets
> after a period of time?
>
> === Details
> I have a Java application that has been in service for years (since
> 1999 IIRC), but on a private satellite based data network (vsat).
>
> We're in the process of moving it to the Internet (which means random
> firewalls at out client locations), and now we're getting complaints
> about non-delivered messages/notifications.
>
> The way we handle notification is to have the client open a socket to
> the server and just leave it open (and idle) for hours at a time.
> Then when a message needs to be delivered the server simply sends it
> down the existing socket.
>
> Since this is basically the same code that has been in use for a while
> I doubt that it is a basic client/server issue. Seems much more
> likely it is the network between the 2 which now is a much less
> controlled environment than it was with dedicated satellite gear.
>
> Any other ideas are welcome.
>
> Thanks
> Greg
> --
> Greg Freemyer
> The Norcross Group
> Forensics for the 21st Century
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list