>>> "A. Schulze" <[email protected]> schrieb am 26.03.2019 um 14:59 in Nachricht <[email protected]>:
> > Am 26.03.19 um 07:58 schrieb Ulrich Windl: >> I don't understand that: Keepalive (as I know it) has nothing to do with > idle >> connections, but only with dead connections. > Any statefull firewall will reset/drop/delete/discard a connections state > information > from it's internal connection table after some time if no traffic was seen > (for example for 5 minutes) Actually a bad idea: A few years again I wrote a TCP redirector that had problems: First, I had no timeout, so dead connections could not be detected, so I added a timeout. Second, idle connections timed out, so I added keep-alive. Then I was happy. It seems LDAP connections here also live for a very long time, sometimes idle for hours... Regards, Ulrich
