This sounds to me like it needs to run through an ARC case.
Personally, what you are trying to do seems to me to be a misuse of
the keepalive to work around a broken firewall. Which may be desirable
feature, I don't know.
That having been said, my first thought is that this should be a per
service attribute, which would make it less useful for you, but more
useful in general.
Gary Mills wrote:
I had previously posted this code review request to the SMF forum,
but I understand that this one is more appropriate for inetd changes.
The inetd restarter defines a set of properties to control the behaviour
of the services it manages. This case adds the option `tcp_keepalive' to
the inetd restarter. Setting this option enables the TCP keepalive
facility for connections to services managed by inetd. It's needed
because some services do not have the ability to enable this facility by
themselves.
Here's an example:
# inetadm -M tcp_keepalive=true
# svcadm refresh svc:/network/inetd:default
# pfiles 100531
100531: /usr/lib/inet/inetd start
Current rlimit: unlimited file descriptors
...
20: S_IFSOCK mode:0666 dev:363,0 ino:18204 uid:0 gid:0 size:0
O_RDWR
SOCK_STREAM
SO_REUSEADDR,SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49152)
sockname: AF_INET6 :: port: 514
21: S_IFSOCK mode:0666 dev:363,0 ino:18204 uid:0 gid:0 size:0
O_RDWR
SOCK_STREAM
SO_REUSEADDR,SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49152)
sockname: AF_INET 0.0.0.0 port: 514
22: S_IFCHR mode:0000 dev:354,0 ino:19060 uid:0 gid:0 rdev:105,155
O_RDWR
/devices/pseudo/t...@0:ticotsord
23: S_IFSOCK mode:0666 dev:363,0 ino:11695 uid:0 gid:0 size:0
O_RDWR
SOCK_STREAM
SO_REUSEADDR,SO_KEEPALIVE,SO_SNDBUF(49152),SO_RCVBUF(49152)
sockname: AF_INET6 :: port: 513
It's also possible to disable it by default but enable it for
individual services. I've also verified that null packets are sent
every two hours with the default tcp_keepalive_interval setting.
The webrev for this one is at:
http://cr.opensolaris.org/~jgmills/ws-6263835/
We need this facility because of a firewall that disconnects idle TCP
connections after one hour. We had to reduce tcp_keepalive_interval to
30 minutes to prevent disconnection of terminal sessions.
--
blu
It's bad civic hygiene to build technologies that could someday be
used to facilitate a police state. - Bruce Schneier
----------------------------------------------------------------------
Brian Utterback - Solaris RPE, Sun Microsystems, Inc.
Ph:877-259-7345, Em:brian.utterback-at-ess-you-enn-dot-kom
_______________________________________________
networking-discuss mailing list
[email protected]
