Re: Connection loosing at some places - caused by firewall - Mailing list pgsql-general

From George Neuner
Subject Re: Connection loosing at some places - caused by firewall
Date
Msg-id 9bbn8dt0juobafdv8ds5pt0f04374u3qc1@4ax.com
Whole thread Raw
In response to [GENERAL] Connection loosing at some places - caused by firewall  (Durumdara <durumdara@gmail.com>)
List pgsql-general
On Mon, 19 Feb 2018 13:02:30 +0100, Durumdara <durumdara@gmail.com>
wrote:

>2018-02-13 21:21 GMT+01:00 George Neuner <gneuner2@comcast.net>:
>
>> On Tue, 14 Nov 2017 12:09:31 +0100, Durumdara <durumdara@gmail.com>
>> wrote:
>>
>> >*I disabled my firewall at home - the [keepalive] problem vanished!!!*
>>
>> What firewall are you using?  Windows own firewall doesn't interfere
>> with keepalive packets.  Most commercial SOHO firewalls won't either.
>>
>Normal Windows Firewall (Defender). An ASUS test notebook works. The DELL
>isn't.
>So something is different in the FW on DELL. With manually defined (faster)
>keepalive it's working.

Keepalive is part of the TCP protocol - it's an ACK that repeats the
last used packet sequence number.  Under normal circumstances, the
sequence number is incremented (modulo rollover) for each new packet.
Keepalive is recognized as a deliberate and particular breaking of the
packet sequence.

Windows firewall has no settings pertaining to keepalive separate from
the operating system.  Once you have permitted TCP connections to the
port or program, if any keepalive packets are sent, the firewall must
allow them through.

[Of course, both sides must agree on the keepalive settings for it to
work, but that is a different issue.]


It may be that your firewall is f'd up.  The firewall doe perform
"stateful inspection" of open TCP connections - essentially looking
for protocol mistakes that may indicate intrusion hacks or replayed
connections.  It could be that the SI module is losing synchronization
when the connection goes idle.
[Back in the day, there were a number of SOHO NAT routers that had
this and other problems with their stateful inspection code.]


You can try running a system file check to see if something has gotten
corrupted:
https://support.microsoft.com/en-us/help/929833/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system

You also can try resetting the firewall rules to default from the
control panel.  Of course then you'll have to reauthorize every
program that requires a connection.


for more information on how the firewall works, see:
https://technet.microsoft.com/en-us/library/cc779199(v=ws.10).aspx


Hope this helps,
George



pgsql-general by date:

Previous
From: Dylan Luong
Date:
Subject: Performance issues during backup
Next
From: Abhra Kar
Date:
Subject: stored procedure call is not working with "select procedure()" option