Cisco CSS flow idle timeout not working as expected ?
I have a CSS 11503 with a basic content rule for TCP 10000 going to a few backend servers. I was looking into the default timeout values for flows and when testing using telnet the flow didn't terminate as expected?
For example, i have no 'timeout multiplier' specified in the config and when i look at the output of 'show flow-timeout default' it tells me the default 16 seconds timeout is in effect for *. With that in mind, i telnet to the content rule vip on TCP 10000 and on the backend server using wireshark i can see the TCP threeway handshake. With no data passing i'd expect the CSS to terminate this flow after 16 seconds.. yet it takes exactly 128 seconds before wireshark shows the RST and the flow is terminated. 128 being 8 times the default 16 second flow timeout.
If i try to force the connection to close early by specifiying 'flow-timeout-multiplier 2' in the content rule, or even a multiplier of 40, it still waits 128 seconds to close the telnet connection.
Am i missing missing something? What does the CSS define an idle flow to be?
CSS will not send a reset when the flow times out.
16 seconds of idle if not muliplied means that when the flow is idle for 16 seconds it becomes eligible for garbage collection and the flow is moved to a sppof table. Internally the flow control block is reclaimed, however nothing is reset , if the client or server then sends data the data will go through as long as the spoof table is not full (32k). If the spoof table fills and it is the oldest entry when the client sends data he will get a reset back.
You can achive an idle timeout where th eload balancer sends a reset if you are using a cisco ace module or appliance , however CSS has no idle timeout that sends a reset. If you want to reset an idle connection you need to do that at the server.
常见的数据中心之间通信均会采用运营商MSTP/OTN专线进行互联实现通信，由于长途线路价格昂贵通常我们需要最大化使用线路带宽，传统的网络传输中通常是尽力而为传输一旦突发流量较大就会发生线路拥塞的情况，从而影响业务正常通信传输。这时候我们可以采用Qos技术来实现数据中心思科设备之间关键网络流量保障，从而实现链路最大化利用。拓扑图场景如下：如上图，SW01是位于数据中心A的广域网接入Cisco Nexus 3048交换机，SW02是位于数据中心B的广域网接...
Cloud Networking Community on Cisco Customer Connection
Join our community!!
As a valued Cisco Cloud Networking (former DCN) customer, you can be part of Cisco Customer Connection Program (CCP), Cisco’s global online community program. Connect ...
Join us for a live demo of Cisco Intersight Cloud Orchestrator to learn how you can simplify the orchestration and automation of your infrastructure and workloads across your hybrid cloud environment. We will take a closer look at Cisco Intersight Cloud O...
Hybrid Cloud Demo Series: Simplify Orchestration of Your Infrastructure and Workloads
Tuesday, September 7, 202110:00 am Pacific Time(San Francisco, GMT-08:00)Join us for a live demo of Cisco Intersight Cloud Orchestrator to learn how you can simpli...
Hybrid Cloud Demo Series: Simplify your hybrid cloud environment with Cisco Cloud ACI
Tuesday, August 24, 202110:00 am Pacific Time(San Francisco, GMT-08:00)Join us for a special Hybrid Cloud Demo Series webinar featuring Cisco Cloud Application Cen...