IPFW and IPv6 TCP timeout problem
Joost Bekkers
joost at jodocus.org
Thu Mar 5 05:21:05 PST 2009
On Thu, March 5, 2009 12:30, Ivan Voras wrote:
> Hi,
>
> It appears that IPFW drops dynamic (state-keeping) rules for idle IPv6
> TCP connections after a short (60 seconds by default) timeout. This of
> course creates problems for services like SSH and NFS. I've contacted
> Luigi Rizzo about it but he cannot help with the IPv6 part of the ipfw.
> His guess is that the part that should send keepalive ACK packets like
> ipfw does for IPv4 is broken or nonexistent for IPv6.
>
> Any takers? Should I file a PR?
>
>
You might want to check if kern/117234 is relevant here. I've got a
feeling this is the problem you're seeing.
The PR includes a patch, it just needs somebody to commit it.
good luck.
Joost.
More information about the freebsd-net
mailing list