We have an issue with some .Net applications getting connection timeouts when doing SQL requests to Db2. The code have been updated to improve logging when such timeout occurs. But, since we are not able to reproduce the errors and they only occur in production we need to "force" timeouts.
Is it possible to configure Windows firewall on Windows 2016 to enforce timeouts for all connections to ip-adress:portnumber?
To force a timeout, you simply need to drop/discard the packet without informing the sending process via a RST flag. However, from what I know, Windows firewall does not support dropping a packet without generating a corresponding RST packet (ie: it implements a
denyaction rather than adropone).Another simple method to test an application timeout is to point it to an non-existing/filtered address. If it does not work (due to ARP timeout being faster than TCP timeout) you can try pointing it to a reserved test IPv4 address as
192.0.2.1but, in this case and before taking this route, be sure to not sending any valuable information outside.