From: Andrew Tridgell tridge@samba.anu.edu.au
Subject: tip of the day

Hi everyone,

At ANU I sometimes sent out Linux tips and tricks to all@cs. That
worked out well and sometimes sparked off interesting discussions.

Anyway, here is the first one.

We use IP masquerading to allow our internal 10.*.*.* IP addresses
to talk to the world. That works great for short lived or
busy connections (like http or ftp) but has problems with telnet, ssh
etc. What happens is the connection gets dropped after it has been
idle for a while. That can be fixed on the masq server but the quick
fix on the client is to add:

echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time

to the bottom of /etc/rc.d/rc.local (or wherever your local startup
stuff is). That ensures your external TCP connections send a packet at
least evey 60 seconds, so the masq server won't drop the link.

Cheers, Tridge