On Mon, 2006-02-06 at 10:19 -0800, Kevin Till wrote:
> Gordon J. Mills III wrote:
> > Thanks Stefan, I do have iptables running on the client since it is my
> > firewall machine. 

There is another problem with amanda and iptables that made me crazy for
quite a while. It doesn't sound like it's your problem, but just in
case, here's a note I wrote to myself:


> If a DLE is large and the client is behind an iptables firewall, the
> estimate can timeout.   This is because iptables has a timeout (30
> minutes) to kill inactive TCP connections, and the estimate takes
> longer than that.    The kernel sends keepalive packets on TCP, but
> the default time (2 hours (7200 seconds)) is longer than the iptables
> timeout so iptables decides the connection has been abandoned and
> tears it down. 
>   
> To fix this by setting the kernel keepalive time to 15 minutes, login
> as root on the client and: 
>  
> 'echo 900 >/proc/sys/net/ipv4/tcp_keepalive_time' 
>  
> see http://documents.made-it.com/iptables-timeout.html


The client's keepalive timeout is reset to 2 hours every time it
reboots.

-- 
Glenn English
ghe AT slsware DOT com