From: Andrew Tridgell tridge@samba.anu.edu.au
Subject: tip of the day
Hi everyone,
At ANU I sometimes sent out Linux tips and tricks to all@cs. That
worked out well and sometimes sparked off interesting
discussions.
Anyway, here is the first one.
We use IP masquerading to allow our internal 10.*.*.* IP
addresses
to talk to the world. That works great for short lived or
busy connections (like http or ftp) but has problems with telnet,
ssh
etc. What happens is the connection gets dropped after it has
been
idle for a while. That can be fixed on the masq server but the
quick
fix on the client is to add:
echo 60 > /proc/sys/net/ipv4/tcp_keepalive_time
to the bottom of /etc/rc.d/rc.local (or wherever your local
startup
stuff is). That ensures your external TCP connections send a
packet at
least evey 60 seconds, so the masq server won't drop the
link.
Cheers, Tridge