>> "A. Schulze" <sca(a)andreasschulze.de> schrieb
am 26.03.2019 um 14:59 in
Nachricht
<89c3ef23-e670-d4ae-a189-74135643c014(a)andreasschulze.de>:
Am 26.03.19 um 07:58 schrieb Ulrich Windl:
> I don't understand that: Keepalive (as I know it) has nothing to do with
idle
> connections, but only with dead connections.
Any statefull firewall will reset/drop/delete/discard a connections state
information
from it's internal connection table after some time if no traffic was seen
(for example for 5 minutes)
Actually a bad idea: A few years again I wrote a TCP redirector that had problems:
First, I had no timeout, so dead connections could not be detected, so I added a timeout.
Second, idle connections timed out, so I added keep-alive.
Then I was happy.
It seems LDAP connections here also live for a very long time, sometimes idle for
hours...
Regards,
Ulrich