On Tue, Sep 29, 2020 at 10:44:13AM -0400, Michael Stone wrote: > On Tue, Sep 29, 2020 at 04:34:06PM +0200, tomas@tuxteam.de wrote: > >Setting the socket option to keep alive "fixed" that. > > You were lucky. ssh does that by default, so if ssh sessions are > getting killed these days it's because the firewall ignores tcp > keepalives when calculating timeouts. If you're in such an > environment and can't fix the firewall, then every application needs > to be written to explicitly > exchange data when idle to keep connections alive. It wasn't ssh in this case. It was a (Perl DBI) database connection, which, by default, is silent on inactivity. So after one hour, the NAT dropped it. To set the keepalive option, I had to convince the application provider to update its (then already paleontological) Perl version to one in which setting the keepalive socket option was possible. In the end, that helped. (I first tried to talk the customer into hitting their data centre provider with a Thick Ethernet cable, but wasn't successful, alas). This was anoter long story on its own :) If the above NAT is killing entries which send keepalives then a Thick Ethernet cable probably won't help either. That's downright malicious. Cheers - t
Attachment:
signature.asc
Description: Digital signature