"A. Schulze" sca@andreasschulze.de schrieb am 26.03.2019 um 14:59 in
Nachricht 89c3ef23-e670-d4ae-a189-74135643c014@andreasschulze.de:
Am 26.03.19 um 07:58 schrieb Ulrich Windl:
I don't understand that: Keepalive (as I know it) has nothing to do with
idle
connections, but only with dead connections.
Any statefull firewall will reset/drop/delete/discard a connections state information from it's internal connection table after some time if no traffic was seen (for example for 5 minutes)
Actually a bad idea: A few years again I wrote a TCP redirector that had problems: First, I had no timeout, so dead connections could not be detected, so I added a timeout. Second, idle connections timed out, so I added keep-alive. Then I was happy.
It seems LDAP connections here also live for a very long time, sometimes idle for hours...
Regards, Ulrich