Jason Gerry <[EMAIL PROTECTED]> wrote:
>
> Oracle opens a TCP/IP connection that, I believe, stays active by the
> server sending 'keep-alive' packets (don't know if I've got my
> terminology right) to the clients
TCP connections don't normally need "keep-alive" data sent to them, but
the keep-alive packets are indeed used in order to locate and kill hung
or dead connections.
> The problem is that the connection isn't kept up, it's dropped due to
> inactivity.
I guess Oracle doesn't use keep-alives, but probably depends on the
underlying OS to do this for it. That makes sense.
> I guess the client machines aren't getting those keep-alive packets.
> The packets aren't getting through the MASQed connection.
TCP keep-alives normally don't even START to get sent until some huge
amount of inactivity time has passed. That time is generally in the
range of two HOURS. So you should at least have your masq timeouts set
to two hours (three would probably be a good idea) in order to gain the
benefit of keep-alive packets.
Depending on your Oracle server's OS (and the Oracle clients' OS), the
keep-alive times might be tunable. Or maybe not.
> I've kinda solved the problem by turning up the timeouts on TCP connections:
>
> ipchains -S 1800 300 300
Turning up the TCP/active timeout is okay, as far as I'm concerned (I
turn mine up to 4 hours), but the TCP/FIN timeout doesn't need to be
five minutes. It's only used for connections that get closed early, to
clean up stray packets on the net. The TCP spec says that only two
minutes is required, and lower times, like 30 seconds, would seem to be
quite adequate, even for the slowest serial connection. You should
lower it, to help free up masq ports.
> It's not a great solution as the server sometimes runs out of ports
> above 61000.
If you really do have ~4000 connections open at once through your masq
server, you're in trouble. You can increase the number of ports,
though, with some kernel-recompiling. But if you don't tune the
parameters, you'll just keep running out.
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
sometimes known as David DeSimone || butter quite like unrequited love."
http://www.dallas.net/~fox/ || -- Charlie Brown
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
