> In general it's kind of dumb on modern hardware to expire sessions
> that are still exchanging TCP keepalives unless you're under extreme
> pressure from a DoS attack or somesuch.

Indeed, I'd be *very* surprised if a connection was dropped despite
exchange of TCP keepalives.  It seems much more likely that the
keepalives aren't used by the application (quite common and normal) or
that they get filtered somewhere.

> But people rarely get to choose the other end's firewall
> configuration, so enter kludges like the ssh protocol keepalives. 

According to `man ssh(d)_config` one reason to use SSH's `ClientAlive` or
`ServerAlive` is that, contrary to TCP keepalives, it can't be spoofed.


        Stefan
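
An added example, not part of the original message: a small Python check that reads the global section of an `sshd_config` (or `ssh_config`) and reports whether dead-peer detection relies only on TCP keepalives or also on the SSH-level alive messages discussed above. The function name `audit_keepalive`, the result keys and the sample configs are constructed for illustration; the defaults (`TCPKeepAlive yes`, interval `0`, count `3`) are the ones documented in the OpenSSH man pages, and intervals are assumed to be plain seconds.

```python
import re

def audit_keepalive(text, prefix="clientalive"):
    """Summarise liveness settings from config text.

    prefix: 'clientalive' for sshd_config, 'serveralive' for ssh_config.
    Only the global section is read; parsing stops at the first Match/Host.
    """
    seen = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and value are separated by whitespace and/or '='.
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key in ("match", "host"):
            break
        seen.setdefault(key, value)  # the first value obtained wins

    interval = int(seen.get(prefix + "interval", "0"))  # 0 = disabled
    count = int(seen.get(prefix + "countmax", "3"))
    tcp = seen.get("tcpkeepalive", "yes").lower() == "yes"
    return {
        "ssh_level": interval > 0,   # sent through the encrypted channel
        "tcp_level": tcp,            # plain TCP keepalive, can be spoofed
        "drop_after_s": interval * count if interval > 0 else None,
        "tcp_only": tcp and interval == 0,
    }

# Constructed sample configs.
TCP_ONLY = "# defaults left alone\nTCPKeepAlive yes\n"
SSH_LEVEL = "TCPKeepAlive no\nClientAliveInterval 15\nClientAliveCountMax=3\n"
CLIENT_SIDE = "ServerAliveInterval 30\nHost example\n  ServerAliveInterval 5\n"

if __name__ == "__main__":
    for name, cfg, pfx in (("tcp-only", TCP_ONLY, "clientalive"),
                           ("ssh-level", SSH_LEVEL, "clientalive"),
                           ("client", CLIENT_SIDE, "serveralive")):
        print(name, audit_keepalive(cfg, pfx))
```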
