peez80

Asked: 2019-01-15 08:13:03 +0800 CST2019-01-15 08:13:03 +0800 CST 2019-01-15 08:13:03 +0800 CST

TCP KeepAlives with NAT?

We have a Network set up like this:

MQTT Client -- TCP Forward (Netscaler) -- TLS Termination + TCP Forwarding (HAProxy) -- MQTT Server

For several reasons we needed to turn on TCP KeepAlives in HAProxy, because the client has a huge timeout which is not supported by the networking infrastructure behind the HAProxy.

According to Wireshark these TCP-KA's are sent out correctly from HAProxy to the other peers, but within some sessions, the TCP KeepAlives to the Netscaler side is not ACK'ed, which causes the connection to be dropped.

I am now wondering if the problem is the Netscaler or MQTT Client. Are KeepAlives usually only sent to the next peer or are they kind of "End2End"? Or in other words - Who is supposed to ACK the TCP-KeepAlives sent by HAProxy - Netscaler or Mqtt Client?

TCP KeepAlives with NAT?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

TCP KeepAlives with NAT?

0 Answers