HPE Community
Operating System - HP-UX
1827276 Members
1986 Online
109717 Solutions
New Discussion

Re: Telnet times out after 60 minutes only for remote intranet users

 
Cassie Xin
New Member

‎03-27-2003 08:48 AM

‎03-27-2003 08:48 AM

Telnet times out after 60 minutes only for remote intranet users

We have 3 N class and one L class in service. OS is 11.00 and 11.11

A user in the remote site can start a telnet session and after one hour exactly the service is disconnected. Packet capturing shows a "reset connection" was received at the client. As well, this occurs for win-sequel, sql+ or Oracle's OEM, again only for remote users.

If additional information is needed please let me know
0 Kudos
Reply
7 REPLIES 7
Robert-Jan Goossens
Honored Contributor

‎03-27-2003 09:01 AM

‎03-27-2003 09:01 AM

Re: Telnet times out after 60 minutes only for remote intranet users

Hi,

Look for

# echo $TMOUT

it is a shell variable to auto logout after a grace periode.

Hope it helps,

Robert-Jan.
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎03-27-2003 09:09 AM

‎03-27-2003 09:09 AM

Re: Telnet times out after 60 minutes only for remote intranet users

Because this is only occurring for remote users, TMOUT does not seem to fit.

I would suspect a timeout that is occurring for idle connections through a router. Without knowing your network equipment, it's difficult to know.

One thing that might work, is to have a daemon that pings remote hosts on a regular basis to kep the connections active but this may or may not suffice depending upon whether the router considers pings "interesting" traffic.

If for example, you are using a Cisco PIX VPN, your network guys might need to look at this parameter.

TIMEOUT XLATE HH:MM:SS CONN HH:MM:SS
(Timeout for translate and idle connections).



If it ain't broke, I can fix that.
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎03-27-2003 09:28 AM

‎03-27-2003 09:28 AM

Re: Telnet times out after 60 minutes only for remote intranet users

I agree with Clay.
This has all the earmarks of a Firewall/Router timeout.
And it probably is not idle-related. The sessions appear to have an absolute timeout value. Concentrate your efforts on the FWs involved in this remote access, then proceed to the next downstream router, etc.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Cassie Xin
New Member

‎03-27-2003 10:18 AM

‎03-27-2003 10:18 AM

Re: Telnet times out after 60 minutes only for remote intranet users

Here's a reply from our networks group:

The connection from the data center to the remote site in question does not run through any firewalls or VPNs and is a T1 link that normally runs with a load of about 512kbps. (lack of "interesting traffic" to keep the link up is certainly not the issue) The network between the server and the user looks like this: HP server->Cisco 4006 switch->Cisco 3662 router->Cisco 2621 router->Cisco 4006 switch->user PC. There isn't any kind of proxying going on. We have done extensive packet analysis on this. The server sends a packet with the TCP Reset flag set at 1 hour plus or minus a few milliseconds. This problem applies to telnet, ftp, oracle apps on TCP1521. Also, it does NOT occur when using WRQ, Inc's Reflection s/w for VT100 (and we've verified by pkt capture that Reflection is not sending any keepalive packets).
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

‎03-27-2003 12:40 PM

‎03-27-2003 12:40 PM

Re: Telnet times out after 60 minutes only for remote intranet users

While I don't think this is related to the HPUX hosts, you could probe the tcp data using ndd and look for anything near 60 minutes. All timing values in ndd are output in ms's.

Off the top of my head, this should work:

#!/usr/bin/sh

ndd -get /dev/tcp "?" | grep "read" | while read X
do
Y=$(echo "${X}" | awk '{print $1}')
if [[ -n "${Y}" && "${Y}" != "?" ]]
then
echo "${Y}: \c"
ndd -get /dev/tcp ${Y}
fi
done

The idea is that we get a list of all ndd tcp paramters that are read or read and write and output each one.
If it ain't broke, I can fix that.
0 Kudos
Reply
Cassie Xin
New Member

‎03-27-2003 01:20 PM

‎03-27-2003 01:20 PM

Re: Telnet times out after 60 minutes only for remote intranet users

Here is the attachment with the results. Thanks for your assistance with this =)
0 Kudos
Reply
Cassie Xin
New Member

‎04-08-2003 10:03 AM

‎04-08-2003 10:03 AM

Re: Telnet times out after 60 minutes only for remote intranet users

This was a case where a firewall had a configuration issue that ended sessions at 60 minutes. The network group did not think this firewall would affect the internal network, only connections to the internet.

Thanks again for all help on this problem.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.