On Monday 2010-09-13 22:01, Erik Schweigert wrote:
>Hi all,
>
>I am wondering where the timeout values in
>
>/net/netfilter/nf_conntrack_proto_tcp.c
>
>of:
>
>static unsigned int tcp_timeouts[TCP_CONNTRACK_MAX] __read_mostly = {
> [TCP_CONNTRACK_SYN_SENT] = 2 MINS,
> [TCP_CONNTRACK_SYN_RECV] = 60 SECS,
> [TCP_CONNTRACK_ESTABLISHED] = 5 DAYS,
> [TCP_CONNTRACK_FIN_WAIT] = 2 MINS,
> [TCP_CONNTRACK_CLOSE_WAIT] = 60 SECS,
> [TCP_CONNTRACK_LAST_ACK] = 30 SECS,
> [TCP_CONNTRACK_TIME_WAIT] = 2 MINS,
> [TCP_CONNTRACK_CLOSE] = 10 SECS,
> };
>
>are decided? Are these arbitrary or is this defined in the TCP RFC (I
>could not see the TCP_CONNTRACK_ESTABLISHED value defined there).
In the TCP RFC. Of course you won't find TCP_CONNTRACK_ESTABLISHED in
there, it's a TCP RFC. Not a conntrack RFC.
"""the TCP must keep quiet for a maximum segment lifetime (MSL) before
assigning any sequence numbers upon starting up or recovering from a
crash in which memory of sequence numbers in use was lost. For this
specification the MSL is taken to be 2 minutes."""
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
