All:

I'm a big MASQ user, both at home via my ADSL line and at work, where I've
put all our workstations (about 25) on a private subnet behind a MASQed
connection. Everything works great, nobody cares that they don't have a real
IP anymore. Except...

We do Oracle development, and Oracle opens a TCP/IP connection that, I
believe, stays active by the server sending 'keep-alive' packets (don't know
if I've got my terminology right) to the clients (which, remember, are
behind the MASQed connection). The problem is that the connection isn't kept
up, it's dropped due to inactivity. I guess the client machines aren't
getting those keep-alive packets. The packets aren't getting through the
MASQed connection.

I've kinda solved the problem by turning up the timeouts on TCP connections:

    ipchains -S 1800 300 300

This sets TCP connections to 30 minutes, TCP FIN and UDP to 5. It's not a
great solution as the server sometimes runs out of ports above 61000. I
originally had the timeout set at 2 hours, but it clogs up fast and freezes
up the network. Plus, I'm told by my network-knowledgeable friends that the
TCP timeout SHOULD NOT even be set as high as 30 minutes, much less hours.

I have 2 theories:

1) I have my settings too restrictive on the incoming filter.
   I actually know very little about ipchains yet; for me, it's
   just a replacement for ipfwadm. I learned enough to get my
   connections up, but that's about it. Startup settings are:

       ipchains -P forward DENY
       ipchains -A forward -s 10.10.10.0/24 -j MASQ
       ipchains -S 1800 300 300
       /sbin/insmod /lib/modules/2.2.7/ipv4/ip_masq_ftp.o

2) It just plain ain't gonna work. With all the port shuffling,
   I could totally understand that.

For general info, Oracle seems quite happy to communicate through the MASQed
connection, and other than the connections dropping if you don't use them
for 30 minutes, it works great. BTW, they need to be kept up to hold session
information on the Oracle Server side, and when they drop, you have to save
all your work to disk, re-connect, get back to where you were, and start
again. It's just a pain.

Any help would be greatly appreciated.

Jason Gerry
Net Placement Corporation
404.467.0076 x101
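
The trade-off described in the post, as an added example that is not part of the original message: a small Python model of a masquerading table whose entries expire after the TCP timeout passed to `ipchains -S`, showing both the dropped idle session and the growth in held ports. The class and function names, the rule that any packet restarts an entry's timer, and the 7200-second keep-alive interval used in the checks (the usual TCP default, not a figure from the post) are assumptions.

```python
# Added model, not code from the post. Assumptions: an entry's idle timer
# restarts on every packet in either direction, and a packet arriving from
# outside for a port with no entry is dropped by the gateway.

class MasqTable:
    """Masqueraded ports keyed by port number, each with an expiry time."""

    def __init__(self, tcp_timeout):
        self.tcp_timeout = tcp_timeout   # seconds; first value of `ipchains -S`
        self.expires = {}                # masq port -> time the entry expires

    def _purge(self, now):
        for port in [p for p, t in self.expires.items() if t <= now]:
            del self.expires[port]

    def outbound(self, port, now):
        """Client packet leaving the gateway: create or refresh the entry."""
        self._purge(now)
        self.expires[port] = now + self.tcp_timeout

    def inbound(self, port, now):
        """Server packet arriving: forwarded only if the entry still exists."""
        self._purge(now)
        if port not in self.expires:
            return False
        self.expires[port] = now + self.tcp_timeout
        return True


def idle_session_survives(tcp_timeout, keepalive_interval, idle_seconds):
    """True if a server packet sent at idle_seconds still reaches the client.

    The client goes silent at t=0; the server probes every keepalive_interval.
    """
    table = MasqTable(tcp_timeout)
    table.outbound(61000, 0)
    t = keepalive_interval
    while t <= idle_seconds:
        if not table.inbound(61000, t):
            return False                 # probe arrived after the entry expired
        t += keepalive_interval
    return table.inbound(61000, idle_seconds)


def peak_entries(open_times, tcp_timeout):
    """Most ports held at once when each connection goes silent after opening."""
    table, peak = MasqTable(tcp_timeout), 0
    for i, t in enumerate(sorted(open_times)):
        table.outbound(61000 + i, t)
        peak = max(peak, len(table.expires))
    return peak
```

In this model a probe interval longer than the masquerading timeout never refreshes the entry, while raising the timeout from 1800 to 7200 seconds quadruples the ports held by silent connections opened once a minute.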