Daniel Stenberg wrote:

>> SO_KEEPALIVE (associated with keep-alive timeout adjustments in the
>> firewall and/or client OS) may create transparent activity on the
>> control connection without disturbing the FTP protocol itself.

>Yes, assuming you can make it send keepalive packets more often than
the timeout time is set to in the firewall. If I recall things
correctly, SO_KEEPALIVE default is something like two hours and I
believe there are operating systems on which changing that time is hard.

True. However, some firewalls allow you to change their own timeout: set
it to > 2 hours if possible. NEVER set it to "no timeout": this would
prevent the firewall to drop old connections that have died without
exchanging the "TCP close" dialog (For example when a machine crashes or
when another firewall on the path dropped the connection!), causing a
table overflow and thus, a mandatory reboot of the firewall.

Changing the keep-alive timeout in the client OS is a system action. As
you say, this might be hard on some of them. However, the following
links should cover at least 95% of the real-life cases:

XP: http://support.microsoft.com/kb/314053
Linux + FreeBSD + Solaris: http://www.gnugk.org/keepalive.html
OS/400:
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/c
l/chgtcpa.htm
Received on 2007-11-07