From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1Lzua9-0005CB-1v for qemu-devel@nongnu.org; Fri, 01 May 2009 11:23:21 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1Lzua4-0005Bh-Go for qemu-devel@nongnu.org; Fri, 01 May 2009 11:23:20 -0400 Received: from [199.232.76.173] (port=55054 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Lzua4-0005Be-AN for qemu-devel@nongnu.org; Fri, 01 May 2009 11:23:16 -0400 Received: from mx1.redhat.com ([66.187.233.31]:57005) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1Lzua3-00006S-Vj for qemu-devel@nongnu.org; Fri, 01 May 2009 11:23:16 -0400 Date: Fri, 1 May 2009 16:23:12 +0100 From: "Daniel P. Berrange" Subject: Re: [Qemu-devel] PATCH: enabling TCP keepalives - v3 Message-ID: <20090501152312.GH13308@redhat.com> References: <49F9FEBA.6050901@gmail.com> <20090501113204.GA10763@amd.home.annexia.org> <49FAEFDD.2070002@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <49FAEFDD.2070002@gmail.com> Reply-To: "Daniel P. Berrange" List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: David Ahern Cc: "Richard W.M. Jones" , qemu-devel@nongnu.org On Fri, May 01, 2009 at 06:49:33AM -0600, David Ahern wrote: > > > Richard W.M. Jones wrote: > > On Thu, Apr 30, 2009 at 01:40:42PM -0600, David Ahern wrote: > >> Did not see a response to the last version. > >> > >> This patch enables TCP keepalives on VNC connections and TCP-based char > >> devices. > >> > >> Default parameters have keep alive probes sent after 60-seconds of idle > >> time. Probes are sent every 12 seconds with the connection resetting > >> after 5 failed probes (ie., connection is closed if no response received > >> in 60-seconds). > > > > IMHO this should be optional, and firmly default to _OFF_. Brief > > network outages shouldn't result in connections failing all over the > > place. In addition, does this negatively impact migration? > > It's not a matter of connections failing; it's a matter of cleaning them > up for a variety of reasons. Besides the VPN example which motivated > this patch (i.e, VPN connection drops and when re-established you get a > differnt IP), there are a lot of networks with very aggressive firewalls > (e.g., 60-minute timers). Without some sort of keepalive mechanisms > those firewalls will close the holes and the connections will hang. You don't neccessarily always get a different IP for VPN connections, as administrators may well choose to give users a fixed IP for their VPN client. I'm not entirely against keepalives, but I thing making it drop the connection after a mere 60 seconds is way too quick, if this is enabled by default. I'd be more inclined to just have it use the kernel defaults for timeouts Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|