Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
516
Views
0
Helpful
4
Replies

CSS and TCP-timer

jfoerster
Level 4
Level 4

‎03-04-2004 07:50 AM

Hello,

I'm searching for a possibility to adjust the timer when a TCP-session is declared to be down.

The config is quite easy a VIP pointing to several services.

I found a solution by using add destination service... but I do not have the possibility to do source-natting so this solution is not possible.

Unfortunately I did not find another possibility to adjust the TCP-flowtimer as possible by source-natting.

Is there any way to achieve this without source-natting?

Kind regards,

Joerg

Labels:
0 Helpful
4 Replies 4

stevehall
Level 1
Level 1

‎03-04-2004 11:45 AM

Joerg,

That process I think you are referring to is called "garbage collection" on the CSS. That is when we clear out flows that have been idle.

Normally, flows are cleared out when we see a normal close sequence, so garbage collection only applies to connections that are idle.

There are a few commands available that control this, such as:

flow permanent <-- disables garbage collection for a single TCP port

flow port <--- adjusts the timer for a single TCP port

Is that what you are looking for, or did I misunderstand your question?

Are you looking to increase or decrease the connection timers?

-Steve

0 Helpful

sean.cheney
Level 1
Level 1
In response to stevehall

‎03-04-2004 12:01 PM

Note that "flow permanent" should be used with some degree of caution. Flow's which are not taken down cleanly (FIN,ACK,ACK) will sit in memory forever as they are not subject to garbage collection and are "permanent", eventually this can consume all the resources and lead to failure.

The workaround for this is to use the cmd scheduler to remove and re-apply the associated flow perm command on some interval.

0 Helpful

jfoerster
Level 4
Level 4
In response to sean.cheney

‎03-05-2004 02:06 AM

Hi Steve, Sean,

thanks for the infos. I will give it a try with long-lived flows followed by flow permanent. As soon as I've the results I will come back to you.

Regards,

joerg

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to jfoerster

‎03-08-2004 07:36 AM

if you have a CSS 2ng generation you can control the timeout per content rule with the command 'flow-timeout-multiplier'

You should use a timeout solution first before going for the permanent port solution which could at long term have negative effect [if you run out of resources - called FCB - you will process switch the traffic and reduce badly the performance].

Regards,

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card