summaryrefslogtreecommitdiffstats
path: root/doc/sync/notrack/conntrackd.conf
diff options
context:
space:
mode:
Diffstat (limited to 'doc/sync/notrack/conntrackd.conf')
-rw-r--r--doc/sync/notrack/conntrackd.conf14
1 files changed, 10 insertions, 4 deletions
diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf
index 1df79a1..39a5faa 100644
--- a/doc/sync/notrack/conntrackd.conf
+++ b/doc/sync/notrack/conntrackd.conf
@@ -4,11 +4,17 @@
Sync {
Mode NOTRACK {
#
- # Entries committed to the connection tracking table
- # starts with a limited timeout of N seconds until the
- # takeover process is completed.
+ # This parameter allows you to set an initial fixed timeout
+ # for the committed entries when this node goes from backup
+ # to primary. This mechanism provides a way to purge entries
+ # that were not recovered appropriately after the specified
+ # fixed timeout. If you set a low value, TCP entries in
+ # Established states with no traffic may hang. For example,
+ # an SSH connection without KeepAlive enabled. If not set,
+ # the daemon uses an approximate timeout value calculation
+ # mechanism. By default, this option is not set.
#
- CommitTimeout 180
+ # CommitTimeout 180
#
# If the firewall replica goes from primary to backup,