Date: Sat, 11 Aug 2001 16:38:22 +0200 (CEST) From: Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl> To: John Van Boxtel <jvb@whoowl.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: distributed natd Message-ID: <Pine.BSF.4.21.0108111626001.635-100000@lhotse.zaraska.dhs.org> In-Reply-To: <004701c1221a$89c57dc0$6b00a8c0@vanbo.whoowl.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Keeping with the above ping pong idea, maybe instead of icmp packets you can > stick with TCP and have the data in the packet have some sort of "upstream > ok" / "upstream down" bit in it... By "ping" I did not mean sending ICMP to peer gateway, but sending a special command over this TCP/UDP link between gateways forcing the other end to issue a reply. However it came up to me later, that if we have traffic, then we have state tables updated constantly, thus alive gateway should send the others notifications all the time. So we should try to "ping" it only it case it goes silent (=no update request within given interval) to see if it died or workstation users went home ;) "Upstream up/down" flag is a good idea. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0108111626001.635-100000>