Re: Why does idle telnet session get disconnected?
From: Bill Gunshannon (bill_at_gw5.cs.uofs.edu)
Date: 06/18/04
- In reply to: Lawrence Bleau: "Re: Why does idle telnet session get disconnected?"
Date: 18 Jun 2004 21:23:22 GMT
In article <cavhb6$k3g$1@grapevine.wam.umd.edu>,
bleau@UMTOF.UMD.EDU (Lawrence Bleau) writes:
> Hello, c.o.v. I think we finally found a reason for the disconnect problem
> we've observed here, and thought I'd share it with the newsgroup.
>
> The problem was that an idle terminal session would be disconnected on
> later versions of VMS and TCPIP, but not earlier ones. Additionally, they
> would get disconnected for certain off-campus sites (my boss's home) but
> not for telnet sessions originating from on campus.
>
> It turns out two things were needed for this problem. First was the
> upgrade to some later version of TCPIP that increased the default keepidle
> period; earlier versions had it set at 150 (75 secs), later versions
> defaulted it to 14400 (2 hrs).
>
> The second thing that happened here was that, unknown to me at the time, my
> boss purchased an Apple Airport, sort of a router firewall combo for his
> home. This, I imagine, intercepted incoming packets from tcp sessions, and
> forwarded the packets over a separate circuit to the target system at his
> home, reversing the process for outgoing packets. This device has an
> internal timer; by experimentation we determined it to be about 60 minutes.
>
> It didn't see any packets from the idle telnet session for >60 minutes, so
> it disconnected it. The keepalive packets never reached the telnet client,
> so the VMS telnet server thought the session was dead and deleted the
> process, which was almost exactly at 2 hours. The telnet client noticed
> the dead connection sooner.
>
> When we set keepidle at exactly 7200 (1 hr) his session was kept alive for
> hours on end, even though it was idle. We increased keepidle in 1-minute
> increments, and at 1:05 the idle session was disconnected.
>
> When telnet sessions are started from on campus, there's no intermediate
> firewall, so the telnet client received and correctly responded to the
> keepalive packets; hence why there's no problem at work.
>
> So, somewhat to my relief, we concluded that this problem was not VMS, not
> TCP/IP, not the campus network, not the telnet server, not the telnet
> client, but the boss's own fault in making a network config change(!).
> Hey, do solutions get any better than this? :-)
>
> Anyway, we set keepidle down to 5 minutes (his decision, not mine) and it's
> now working like a charm; no one gets disconnected. Case closed; enjoy the
> weekend!
>
This comes as no surprise to me although I opted to keep out of the
original discussion. Our campus did the same thing, probably for the
same reason. It amazes me how sales droids can convince otherwise
competent network people to break the TCPIP protocol with such ease.
The supposed reason for doing this was to prevent "an attacker" from
opening a lot of sessions and leaving them behind. Sadly, that is
exactly what this "solution" does. After exceeding the idle time, if
the user on the remote end types something, his packets don't get through
and his client drops the session. But, unless something causes the
host to send data, the idle session will stay there until explicitly
killed or the system is rebooted.
Idiots!!
bill
-- 
Bill Gunshannon          |  de-moc-ra-cy (di mok' ra see) n.  Three wolves
bill@cs.scranton.edu     |  and a sheep voting on what's for dinner.
University of Scranton   |
Scranton, Pennsylvania   |  #include <std.disclaimer.h>
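
The interaction described in this thread, as an added example that is not from either poster: a small model of an idle session crossing a middlebox with an idle timer, plus a per-socket keepalive setting that keeps probes inside that timer. It assumes the Linux socket option names (`TCP_KEEPIDLE`, `TCP_KEEPINTVL`, `TCP_KEEPCNT`) rather than the system-wide VMS TCPIP keepidle setting the thread changed; the function names and the 3600-second timer are constructed for illustration.

```python
import socket

def keepidle_seconds(units):
    """keepidle values in the thread are half-seconds (150 = 75 s, 14400 = 2 h)."""
    return units // 2

def idle_outcome(keepidle_units, middlebox_timeout_s, server_keepalive=True):
    """Predict the fate of an idle session crossing a stateful middlebox."""
    if not server_keepalive:
        # Nothing ever probes the path, so after the middlebox forgets the
        # flow the server-side session lingers until someone kills it.
        return "half-open: server session lingers"
    if keepidle_seconds(keepidle_units) < middlebox_timeout_s:
        return "kept alive: probes refresh middlebox state"
    # First probe arrives after the flow was forgotten; it goes unanswered
    # and the server eventually tears the session down.
    return "dropped: server reaps after failed probes"

def enable_keepalive(sock, idle_s, interval_s=30, probes=4):
    """Turn on keepalive for one socket and return the idle time in effect."""
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
    wanted = {"TCP_KEEPIDLE": idle_s, "TCP_KEEPINTVL": interval_s, "TCP_KEEPCNT": probes}
    for name, value in wanted.items():
        opt = getattr(socket, name, None)  # Linux names; absent elsewhere
        if opt is not None:
            sock.setsockopt(socket.IPPROTO_TCP, opt, value)
    idle_opt = getattr(socket, "TCP_KEEPIDLE", None)
    if idle_opt is None:
        return None
    return sock.getsockopt(socket.IPPROTO_TCP, idle_opt)

if __name__ == "__main__":
    NAT_TIMEOUT_S = 3600  # constructed: the thread measured "about 60 minutes"
    for units in (150, 600, 14400):
        print(units, idle_outcome(units, NAT_TIMEOUT_S))
    print(idle_outcome(14400, NAT_TIMEOUT_S, server_keepalive=False))
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        print("idle seconds in effect:", enable_keepalive(s, 300))
```

The model treats a keepidle equal to the middlebox timer as unsafe, since the measured timer in the thread is only approximate.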