[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: add keepalives as an options to the console tool

Bryan Stansell bryan@conserver.com
Thu, 1 May 2014 21:26:02 GMT


My knowledge on any keepalive "tuning" is minimal.  But, looking at tcp(7) on a linux host, it looks like there are TCP options like TCP_KEEPIDLE that allow you to override the system-level settings, but they are linux specific and it says portable code should not use these options.

So, as far as I understood things (and still do), there's no generic way to adjust timings.  Obviously, it *could* be a linux-specific feature, but that seems non-ideal.  Maybe a console<->conserver keepalive would be best (akin to openssh "server alive" messages)...

If anyone wants to educate me on tuning keepalives (in a portable way), I'm all ears... ;-)

I'll be thinking about things...

Bryan

On May 1, 2014, at 2:06 PM, Denis Hainsworth <denis@alumni.brandeis.edu> wrote:

> Hey Bryan,
> I'll try to test it out soonish.  Does it use the OS default keepalive
> settings?  As linux's is like 2 hours whch is well over when most
> firewalls will kill off a session with no traffic.
> 
> This is why i was thinking of it more as a confurable setting.  Also
> that would allow people who maybe are on sketchy lab networks and would
> rather not have keepalives tearing down things, to be able seet them
> high or disable them.
> 
> -denis
> 
> On Thu, May 01, 2014 at 12:55:48PM -0700, Bryan Stansell wrote:
>> I think having keepalives between client and server has, basically, been an oversight.  They are enabled (when possible) from server to console.  I've attached a quick patch (based on 8.2.0) that compiles and passes "make test".  But that's the extent of the effort on my side so far.  I'd love to know if it solves your problem, as it'll go in 8.2.1.
>> 
>> Bryan
>> 
> 
> 
>> 
>> 
>> 
>> On May 1, 2014, at 12:02 PM, Denis Hainsworth <denis@alumni.brandeis.edu> wrote:
>> 
>>> On Thu, May 01, 2014 at 06:08:37AM -0500, Joe Greco wrote:
>>>>> hello,
>>>>> wanted to mention something that I think would be pretty simple to add,
>>>>> though its clearly a rare issue.
>>>>> 
>>>>> in our case we have several datacenters connected by vpn links.  like
>>>>> most vpns it watches for stale sessions and clears them to keep its
>>>>> state tables reasonably clean.  what was happening was if you were
>>>>> working with the console tool on a device and lets say were waiting to
>>>>> see output or just leaving the connection open for later work you would
>>>>> often find the tcp connection between "console" and the remote
>>>>> conserver.  this was only mildly annoying but since when do we not fix
>>>>> the mildly annoying :)
>>>>> 
>>>>> I took the easy way out and am using libkeepalive to send keepalives on
>>>>> my console connections however it would be a nice to have to add a flag
>>>>> to console to be able to set the tcp_keepalives on the ssl connections
>>>>> it makes.
>>>> 
>>>> Why don't you just enable keepalives globally?  On FreeBSD for example
>>>> that's been net.inet.tcp.always_keepalive=1 for many years.
>>> 
>>> Its certainly one option but folks dont always have access to the global
>>> options or your IT/sysadmin dept may not want to for valid/invalid
>>> reasons.  I always like when I can enable such things on a per program
>>> basis.
>>> 
>>> -denis
>>> _______________________________________________
>>> users mailing list
>>> users@conserver.com
>>> https://www.conserver.com/mailman/listinfo/users
>> 
> 
>> _______________________________________________
>> users mailing list
>> users@conserver.com
>> https://www.conserver.com/mailman/listinfo/users
> 
> 
> -- 
> __________________________
> Denis Alan Hainsworth     
> denis@alumni.brandeis.edu