[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re: Stuck Connections

Subject: Re: [cobalt-users] Re: Stuck Connections
From: "Gerald Waugh" <gerald@xxxxxxxxx>
Date: Wed Oct 3 14:44:12 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

gsh wrote
> Ok, as an aside here, having connections repeatedly get stuck in FIN_WAIT
> is often a sign of a poorly configured firewall on the clients end,
> happens when they go nuts and block all kinds of ICMP traffic and
> inadvertantly make it impossible for the client machine to finish telling
> the server that it is closing the connection. The server than ends up
> waiting around for quite a while before it decides it's not gonna get any
> data, not gonna get an error, not gonna get a reset, and finally decides
> to assume a closed socket....it can take half a day for it to give up
> 
Interesting!

Which icmp traffic should one block?
Do you have some ipchains rules to use?

I just looked at proftpd.conf
and they do not use several parameters
TimeoutLogin seconds   #Default is 300
TimeoutIdle seconds       #Default if 600
TimeoutNoTransfer seconds #Default 300
TimeoutStalled seconds  #Default is 3600

Now wouldn't you think that these would kill the process.
Unless some of these may be set to 0, which is for ever.
Is there a way to query these parameters?
Or should one set them implicitly?
Gerald

References:
- [cobalt-users] Re: Stuck Connections
  - From: flash22

Prev by Date: Re: [cobalt-users] Moving SSL to Raq3
Next by Date: [cobalt-users] Cobalt En Espanol?
Previous by thread: [cobalt-users] Re: Stuck Connections
Next by thread: Re: [cobalt-users] (no subject)

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index