summaryrefslogtreecommitdiffstats
path: root/doc/sync/alarm/conntrackd.conf
diff options
context:
space:
mode:
Diffstat (limited to 'doc/sync/alarm/conntrackd.conf')
-rw-r--r--doc/sync/alarm/conntrackd.conf11
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/sync/alarm/conntrackd.conf b/doc/sync/alarm/conntrackd.conf
index a65a378..d6f7a2a 100644
--- a/doc/sync/alarm/conntrackd.conf
+++ b/doc/sync/alarm/conntrackd.conf
@@ -23,6 +23,17 @@ Sync {
# takeover process is completed.
#
CommitTimeout 180
+
+ #
+ # If the firewall replica goes from primary to backup,
+ # the conntrackd -t command is invoked in the script.
+ # This command resets the timers of the conntracks that
+ # live in the kernel to this new value. This is useful
+ # to purge the connection tracking table of zombie entries
+ # and avoid clashes with old entries if you trigger
+ # several consecutive hand-overs.
+ #
+ PurgeTimeout 15
}
#