[prev in list] [next in list] [prev in thread] [next in thread]
List: juniper-nsp
Subject: Re: [j-nsp] Juniper SRX and ssh freeze
From: Julien Goodwin <jgoodwin () studio442 ! com ! au>
Date: 2010-12-23 10:50:46
Message-ID: 4D132986.9040504 () studio442 ! com ! au
[Download RAW message or body]
On 23/12/10 21:34, Florian Weimer wrote:
> * Julien Goodwin:
>
>> For my SRX at the office back when I installed it (9.6 IIRC) *TCP*
>> keepalives would not extend session timeouts, but *SSH* keepalives
>> worked very well, that's the ServerAliveInterval setting in OpenSSH.
>
> Typically, TCP keepalives happen at such long intervals that they do
> not keep firewall state alive.
In my specific case (whinging admin in internal IT, not production) they
were at least every minute.
We do actually have some systems that are so old/weird they don't
support the ServerAliveInterval, but they're all fairly minor so it's
not usually a problem.
--
Julien Goodwin
Studio442
"Blue Sky Solutioneering"
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic