06-18-2004 01:18 AM
Hi
we have release 7.10.206a configured with SourceGroup and ASR. I made a sniffer trace and experienced that the CSS sends a lot of RST. As well I saw that it use only 1984 source ports for the connections to the server. How can I increase the number of source Ports? .In the attachments you will find the sniffer trace with the incorrect behaviour and the configuration.
Any suggestion, idea ?
06-18-2004 07:17 AM
the 1984 source ports is explained here :
This is due to the distributed architecture that requires the same module will see the inbound and outbound traffic for the same session.
So the source ports have been divided between the modules and each module can't use all the ports because of the hash algorithm being used.
The *solution* is to reduce the number of modules or avoid source group.
I still need to look at the trace to explain the RST.
Gilles.
06-18-2004 07:44 AM
the problem of the RST seems to be the frequent reuse of the same source port.
The destination of this connection seems to be confused and ACK the new SYN with the ack number of the previous connection. This ack number is out of range from the syn sequence number so the result if a RST.
ie:
Flow1 - Syn -> packet 1
Flow1 - Last ACK -> packet 33
Flow 2 - syn -> packet 34
Flow 2 - ack (instead of syn/ack) with acknumber same is packet 33.
This triggers a RESET -> packet 36
Flow 3 - syn -> packet 55
Flow 3 - same as flow 2 issue, ack with old ack number. This triggers a RST (packet 57).
Now the 2nd issue, the CSS (I believe tpkg0x.post.ch is the CSS) sends packet for flow 2 but the end station believes flow 2 was killed with the RESET of flow 3 and the host sends a RST to the CSS (packet 59) because its connection does not exist anymore.
So the all issue is the fact that ports are being reused to quickly.
You will need to involve more people to find a workaround to the 1984 ports available [and be aware they are available but not all usable].
Work with Marco K., your sale support.
Regards,
Gilles.
07-19-2005 02:48 AM
Hi Gilles
I have a question regarding this issue. If I disable ASR (deleting redundant-index from the configuration) does I have more SourcePorts avalaible ?
Regards
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide