Andrew Yager <and...@rwts.com.au> writes: > By default the SRX closes the flow after 30 minutes (1800 seconds) as there > is no activity on the wire during this time.
I have no SRX firewalls, so I cannot help you with your actual problem, but I can provide an ugly workaround... If you play with tcp_keepalives_count tcp_keepalives_idle tcp_keepalives_interval in postgresql.conf, you can get Postgres to send TCP keepalive every so often. That should keep the session open. 30 minutes is IMHO a very low timeout for TCP sessions. Personally I set session timeout to 86400 for TCP on the firewalls that I control. If the number of sessions is becoming too large, a session timeout of 30 minutes is unlikely to help anyway, and TCP sessions tend to close properly with a FIN instead of by timer. /Benny _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
