Younes Manton
2014-09-11 16:21:22 UTC
Hi,
I have a NATted client behind a router that sends a single UDP
keepalive packet to a server. The server responds with a single
packet. According to the output of /proc/net/ip_conntrack however the
mapping that is created is not in the ASSURED state and is therefore
only kept alive for 30s. Is this expected? I was expecting the
connection to be ASSURED and to have a 180s timeout. Router is running
2.6.22.19, which is old, but I'm stuck on it. I took a look at the
source for that version and the latest kernel and it looks essentially
the same to me and seems to suggest that if both a send and a response
is seen then that's enough to make the connection ASSURED, so I
thought to ask here.
Background:
I have an Android phone and am using the built in SIP client behind a
Netgear router running Tomato. Router's UDP assured timeout is set to
180s, unreplied is 30s. The SIP client is trying to be smart and find
the longest keepalive that works; it has an algorithm that starts at
10s and is supposed to work up to 120s over time/depending on battery
level/possibly some other voodoo, but it sometimes gets into a state
where it goes over 120s and even over 180s. By the time it gets to
keepalives >180s I hit the above problem where the router is only
keeping the hole open for 30s.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
I have a NATted client behind a router that sends a single UDP
keepalive packet to a server. The server responds with a single
packet. According to the output of /proc/net/ip_conntrack however the
mapping that is created is not in the ASSURED state and is therefore
only kept alive for 30s. Is this expected? I was expecting the
connection to be ASSURED and to have a 180s timeout. Router is running
2.6.22.19, which is old, but I'm stuck on it. I took a look at the
source for that version and the latest kernel and it looks essentially
the same to me and seems to suggest that if both a send and a response
is seen then that's enough to make the connection ASSURED, so I
thought to ask here.
Background:
I have an Android phone and am using the built in SIP client behind a
Netgear router running Tomato. Router's UDP assured timeout is set to
180s, unreplied is 30s. The SIP client is trying to be smart and find
the longest keepalive that works; it has an algorithm that starts at
10s and is supposed to work up to 120s over time/depending on battery
level/possibly some other voodoo, but it sometimes gets into a state
where it goes over 120s and even over 180s. By the time it gets to
keepalives >180s I hit the above problem where the router is only
keeping the hole open for 30s.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html