Обсуждение: long term persistent tunnels

Now that I have ssh tunneling working I am wondering what pitfalls
away.

Assume I have a server called db1 running the postgresql backend.

Asume I have another server called web1 that will be connecting to db1
for data base operations.  If I setup an ssh tunnel should I be aware
of any problems with 1) spontaneously dropped connections...2) long
term time out -- 3)other?

any advice most appreciated.

--
David Bear
phone:     480-965-8257
fax:     480-965-9189
College of Public Programs/ASU
Wilson Hall 232
Tempe, AZ 85287-0803
 "Beware the IP portfolio, everyone will be suspect of trespassing"

David Bear <David.Bear@asu.edu> writes:
> Asume I have another server called web1 that will be connecting to db1
> for data base operations.  If I setup an ssh tunnel should I be aware
> of any problems with 1) spontaneously dropped connections...2) long
> term time out -- 3)other?

In theory the connection won't be dropped until the client drops it or
the database is shut down.

In practice, the only major problems I've heard about have to do with
connections that go through a NAT (address-mapping) firewall.  A NAT
firewall has to keep a table of open connections, and some of them seem
to drop their entries for idle connections with unseemly haste (like
less than the RFC-mandated timeouts).

If you've got one of these suckers to deal with, the only solution is to
make sure there's some activity on the connection at least once every
few minutes.

If web1 and db1 are on the same LAN then you probably have nothing to
fear.

            regards, tom lane