[LON-CAPA-admin] State table timeout and resource browsing
Guy Albertelli II
guy at albertelli.com
Fri Oct 31 15:48:35 EST 2003
Hi Todd,
> Lately, we've been having problems accessing off-campus domains when
> trying to browse resources, etc. We have also had a recent change in our
> campus networking environment. A firewall has been put in place. As of
> right now, the firewall is not supposed to be limiting access at all.
> However, the firewall does keep a state table, and if there are no
> transactions for one hour, the state table times out and silently drops
> the offending connection.
This would be bad.
Currently the daemons hold open a connection to each machine in the
network.
If these connections get destroyed it can take up to 5 minutes when
some makes a query down one of them before lonc will timeout the
connection.
> Anyway, my question is this: does the inter-domain communication scheme
> work in such a way that this 60-minute timeout would have disastrous
> effects?
Yep.
> If we have to, we can request to be outside the firewall, but I'd
> appreciate some developer insights.
Getting rid of the firewall would be best but until then maybe you
could try to keep the connections active? (There is a do nothing
command in the lonc/d protocal ping and pong. A modified version of
loncontrol could be run every 5-10 minutes by cron and send these
commands down the wire)
--
guy at albertelli.com LON-CAPA Developer 0-7-5-3-
More information about the LON-CAPA-admin
mailing list