cancel
Showing results for 
Search instead for 
Did you mean: 

SQLNTCLNT timeouts in Firewall

Former Member
0 Kudos

Hello all,

We have 2 servers clustered using Windows 2003 with SQL Server 2005. Our SAP version is Netweaver 7.0 (2004s). Along with the clustered servers we have 2 application servers running Windows 2003. The application servers are in a DMZ seperated from the ASCS and DB hosts which are clustered. The seperation is done with a Firewall doing stateful packet inspection with a timer set to 1 hour.

We are currently having a problem where idle connections are timing out. The SQL client is set to send keepalives at intervals that would keep the firewall from disconnecting. We are still getting disconnects related to ACK packets with corresponding SYN packets which indicates that the connection was dropped out of the firewalls inspection table.

I've been looking for a MSSQL database related keepalive within SAP. I have not found it. Is there somewhere within SAP that I need to configure the SQL Client keepalive settings?

BTW, I have verified this with NIPING so I am more than reasonably sure that the issue is a lack of traffic with the persistant connection.

Settings done in profiles: rdisp/keepalive - 120, gw/keepalive - 300, ms/keepalive - 300.

Thanks

Roger

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos

hi Roger,

Are you using checkpoint or other firewall software?

Can you check firewall setting for connection timeout?

Regards

Ariyanto

Former Member
0 Kudos

Yes, the firewall is a Firewall-1 using stateful packet inspection with the timer set to 1 hour. A keepalive would keep the connection open. The SQL native client is set to send a keepalive every 30 seconds. We are not seeing them in the firewall logs. So my thought is that SAP utilizes the native client without sending keepalives by overwriting the system default. I've been looking for a setting to control this outside of the sql native client configuration manager.

Former Member
0 Kudos

Hi,

check following information might helps you

http://blogs.msdn.com/sql_protocols/archive/2006/03/09/546852.aspx

regards,

kaushal