SSL socket and keepalive

Mickael Remond mickael.remond@REDACTED
Sat Feb 12 17:03:37 CET 2005

klacke@REDACTED wrote:
> It makes sence for SSL sockets as well. If it's not supported
> through the APIs, on Linux you can get it through:
> # echo 600 > /proc/sys/net/ipv4/tcp_keepalive_time

This change the keepalive time but it looks like it should be enabled in 
the TCP connexion to activate it.
gen_tcp offer a {keepalive, boolean} option but Erlang ssl module does not.
Maybe this option is missing in the Erlang SSL implementation ?

> Actually, it especially makes sence for SSL session since
> the resources occupied (at the server side) for an SSL session
> are considerable, and you may want to free those resources in the
> case of crashed/rebooted/brutally-disconneced  client.

Ok. That what I thought. Keepalive in managed in the TCP layer, but you 
remark is very interesting because it means that I should lower the 
keepalive time if SSL is heavily use on my server.

Thank you !

Mickaël Rémond

More information about the erlang-questions mailing list