ntls tcp_keepalive set
Configure the NTLS TCP keepalive settings.
TCPKeepAlive is a TCP stack option, available at the Luna HSM Client and the Luna Network HSM 7 appliance. It is controlled via an entry in the Luna HSM Client configuration file, and an equivalent file on the Luna Network HSM 7.
On the Luna Network HSM 7 appliance, where you do not have direct access to the file system, the TCPKeepAlive= setting is controlled by lunash:> ntls tcp_keepalive set.
The settings at the appliance and the client are independent. This allows a level of assurance, in case (for example) a firewall setting blocks communication in one direction.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
ntls tcp_keepalive set -idle <seconds> -interval <seconds> -probes <number>
Argument(s) | Shortcut | Description |
---|---|---|
-idle <seconds> | -id |
Specifies the TCP keep alive idle timer, in seconds. This is the initial wait until a keep alive is issued. Recommended value is 200. Range: 10 to 10,000 Default: 10 |
-interval <seconds> | -in |
Specifies the TCP keep alive interval time, in seconds. This is the duration between any two successive keep alive transmissions. Recommended value is 150. Range: 10 to 360 Default: 10 |
-probes <number> | -p |
Specifies the number of retries to attempt if a transmission is not acknowledged. Recommended value is 15. Range: 1 to 30 Default: 2 |
NOTE The default values are simply starting points intended to keep the feature "out of the way" until you configure for your particular network conditions. The recommended values are conservative, and address a common situation where a flurry of network activity might allow the probe count to be reached before the acknowledgment packets are able to return to the HSM appliance, which would cause the appliance to reset the connection.
Example
lunash:>ntls tcp_keepalive set -idle 200 -interval 150 -probes 15 NOTICE: The NTLS service must be restarted for new settings to take effect. Command Result : 0 (Success)