[LON-CAPA-admin] State table timeout and resource browsing

Todd Ruskell truskell at mines.edu
Thu Oct 30 22:26:10 EST 2003

Hi all,

Lately, we've been having problems accessing off-campus domains when
trying to browse resources, etc.  We have also had a recent change in our
campus networking environment.  A firewall has been put in place.  As of
right now, the firewall is not supposed to be limiting access at all.
However, the firewall does keep a state table, and if there are no
transactions for one hour, the state table times out and silently drops
the offending connection.

Our resource browsing problems have, I think, all benn post-firewall, but
I wasn't doing a lot of off-campus resource browsing when the firewall was
put in place, so I can't make an absolute correlation.

Anyway, my question is this:  does the inter-domain communication scheme
work in such a way that this 60-minute timeout would have disastrous
effects?  I did a quick test today.  I restarted both loncontrol and
httpd.  At that time I was able to browse off-campus.  However, after
letting the system sit for about 90 minutes, I couldn't browse outside our
firewall at all.  This does make me suspicious, hence the question.

If we have to, we can request to be outside the firewall, but I'd
appreciate some developer insights.

Thanks a bunch,


More information about the LON-CAPA-admin mailing list