THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
The configuration option this KIP proposes to add to enable server-side expired-connection-kill is 'connections.max.reauth.ms' (not required to be prefixed with listener prefix or SASL mechanism name – this is such a single value for would be used across the cluster – but it may be as mentioned below). For example, "connections.max.reauth.ms=3600000". The value represents the maximum value that could potentially be communicated as part of the new V1 SaslAuthenticateResponse. The default value is 0, which means there is effectively no maximum communicated (0 will be sent, meaning "none"), server-side kill of expired connections is disabled, clients are not required to re-authenticate, and whether clients re-authenticate or not and at what interval is entirely up to them. Existing SASL clients upgraded to v2.1.0 will be coded to not re-authenticate in this scenario. The default value of 0 therefore results in no change whatsoever.
...
The 'connections.max.reauth.ms' configuration option will not be dynamically changeable; restarts will be required if the value is to be changed. However, if a new listener is dynamically added, the value could be set for that listener at that time . This dynamic override ability (and the configuration key would be prefixed in that case); this dynamic capability will be addressed as a separate ticket and may not be delivered with the initial KIP implementation.
...