Firewalls don't like inactive connections that stay open. Most of them will drop the connection silently, which will generate errors on connections pools like database, AJP or LDAP. Here are some advices to prevent this.
If you are using mod_proxy_ajp, you can activate a TCP keep alive to prevent persistent connections to be dropped. This requires the usage of mod_proxy options
flushpackets=on. You also need to configure the TCP keep alive delay using sysctl (
Refer to mod_proxy documentation for more information.
Database pool can try to reconnect on invalid connection (NXP-7528) but it is better to enable the keep alive on your database. For instance using PostgreSQL, this can be achieved with the following options:
|5||Maximum number of TCP keepalive retransmits.|
|60||Time between issuing TCP keepalives.|
|60||Time between TCP keepalive retransmits.|
Here, there are no keep alive alternative. You can simply disable the LDAP connection pool in the directory configuration.