Hi Björn! Sorry for the late reply, I was on vacation.
You are correct, keep-alives fell victim to the upgrade to Tokio 1.0 and then we forgot to bring it back. I have re-opened the original issue[0] with an aim to fix it in the next release. Apologies and cheers, Martin [0]: https://github.com/NLnetLabs/routinator/issues/320 Björn Karlsson via RPKI wrote: > Yep, that’s the workaround I’ve deployed, more frequent refreshes and > this helps since fw state info does not timeout. I had a pretty long > refresh time set before (1h) but since I have Routinator refresh > timer setup 1h it doesn’t really matter if I decrease the RTR refresh > timer. > > From looking at the code it seems support for tcp keepalives was > removed in 0.10.0 since it disappeared from tokio(?). And since it > used the system default 75s rather the configured 60, it probably > didn’t work in 0.8.2 either. > > I would argue the default should be to use the system default setting > rather than no keepalives, though. > > Thanks, > > —BC > > > On 30 Aug 2021, at 19:42, Tony Tauber <[email protected]> wrote: > > > > In some early lab testing I did, I noticed that RTR sessions were > > often resetting every 10 minutes. The reason I discerned was there > > was an intervening firewall which must've had a 10 minute > > auto-flush of stale state info. Rather than trying to fight a > > losing battle with firewall folks (also with possible collateral > > effects), I found it easier to configure the client to refresh more > > often. For example, on Cisco IOS-XR, the "refresh-time 300" > > parameter (5-minute refresh) helped my situation. > > > > I haven't yet gotten Routinator v0.10.0 deployed so not sure about > > what we're seeing, but architecturally maybe it's weird for the > > server (vs. client) to send the keepalives? > > > > Tony > > > > On Fri, Aug 27, 2021 at 4:19 PM Björn Karlsson via RPKI > > <[email protected] <mailto:[email protected]>> wrote: > > Hello, > > > > Did something change with the handling of tcp keepalives between > > version 0.8.2 and 0.10.0? > > > > I recently upgraded one of two servers to 0.10.0 and after the > > upgrade I don’t see keepalives which I do from the 0.8.2 server > > (and previously, before the upgrade, from the upgraded server). > > > > Same configuration for both servers, default: > > > > rtr-tcp-keepalive = 60 > > > > When I check with tcpdump there are no keepalives from the 0.10.0 > > server but roughly 75s (system default) from the 0.8.2 version. > > Also, doing a show tcp packet-trace on the Cisco shows the same. > > > > I’m trying to debug a problem where the session to the 0.10.0 > > server is reset roughly once per hour (which is the refresh time). > > Since the session is through a firewall I suspect I need the > > keepalives.. > > > > Thanks, > > > > —BC > > > > > > -- > > RPKI mailing list > > [email protected] <mailto:[email protected]> > > https://lists.nlnetlabs.nl/mailman/listinfo/rpki > > <https://lists.nlnetlabs.nl/mailman/listinfo/rpki> > -- RPKI mailing list [email protected] https://lists.nlnetlabs.nl/mailman/listinfo/rpki
