[Openswan Users] keepalives?
Tomasz Grzelak
tgrzelak at wktpolska.com.pl
Thu Feb 10 08:16:35 CET 2005
Dnia środa, 9 lutego 2005 21:51, napisałeś:
> > this is what 'tcdump' is telling me:
> > 17:58:51.822273 xx.yy.vv.ww.4500 > aa.bb.cc.dd.4500: udp 60 (DF)
> > 17:58:52.138716 aa.bb.cc.dd > xx.yy.vv.ww:
> > ESP(spi=0x11941194,seq=0x440000) 17:59:00.370924 aa.bb.cc.dd.4500 >
> > xx.yy.vv.ww.4500: udp 1
> > 17:59:20.279912 aa.bb.cc.dd.4500 > xx.yy.vv.ww.4500: udp 1
>
> So Andreas taught me something in his last post. Those are indeed
> keepalives from the NAT-T connection to avoid nat routers from forgetting
> that udp negotiated conenction. I didn't know about these :)
nice to know :)
> >>> I wanted to have them every 3 seconds, so I set 'dpddelay' to 3 but
> >>> there was no difference.
>
> So according to Andreas it is keep_alives=3 :)
so I set up in the 'roadwarrior' section keep_alives to 3, next to 8, and then
a client couldn't have established a connection no matter the value...
strange option... is it really for keepalives? ;)
or maybe this is another stuff not supported by xp?
>
> Though 3 second kep alives seem rather many to me.
I have problems with clients connecting from gprs networks - a client
connects, but when he stops working (using net apps) or just does nothing, a
connection is dropped in a minute or two. I noticed so fast connection
tearings only in the gprs network.
Some people told me, that if you send a little packets you are downgraded in
QoS in the gprs networks. I had no idea if it was true, so I wanted to check
if setting the keepalives to a small number of seconds would make a
difference.
thx,
Tom
More information about the Users
mailing list