
Flow timeouts. Better Solution?

CCampbell_2
Level 1

We use the CSS to load balance terminal server sessions (TCP/3389). We used to have people getting disconnected all the time until we added flow-timeout 2700, which (I forget the conversion) is something like 12 hours. I'm wondering, is there a better way to do this? Maybe with the flow permanent port1 3389 command or flow long-lived?

This is for a CSS11503 running in routed mode. Here is a cutdown config, flow stats & show ver.

service SERV21
  keepalive type tcp
  keepalive port 3389
  keepalive maxfailure 2
  ip address X.Y.Z.151
  keepalive frequency 30
  active

service SERV22
  keepalive type tcp
  keepalive port 3389
  keepalive maxfailure 2
  ip address X.Y.Z.152
  keepalive frequency 30
  active

owner TriWest
  content TSFarm
    vip address A.B.C.21
    flow-timeout-multiplier 2700
    add service SERV21
    add service SERV22

----------------------------------------------------
AGGREGATE FLOW STATISTICS PER-SP
----------------------------------------------------
Flow Manager Statistics - Slot 1, Subslot 1:
                                Cur     High      Avg
UDP Flows per second              1      723        1
TCP Flows per second              5      853        2
Total Flows per second            6     1178        3
Hits per second                   0      133        0

Number of Allocated Flows (non-purged)       711
Number of Free Flows                       64825
Number of Allocated fast-path FCBs           711
Number of Free fast-path FCBs             130361

----------------------------------------------------
AGGREGATE FLOW STATISTICS PER-PORT
----------------------------------------------------
----------------------------------------------------
Port         Active       Total    TCP    UDP
----------------------------------------------------
# 1/1-20          1     1499330      1      0
# 1/1-21        280    28557120    275      5
# 1/1-231       131    64849808      9    122
# 1/1-232        11     1040578     11      0
# 1/1-233         1      166485      1      0
# 1/1-234       287   207016381    258     29

CSS11503(config)# sh ver
Version:               sg0730106 (07.30.1.06)
Flash (Locked):        07.20.2.06
Flash (Operational):   07.30.1.06
Type:                  PRIMARY
Licensed Cmd Set(s):   Standard Feature Set
                       Secure Management

1 Reply

Gilles Dufour
Cisco Employee

Each connection consumes resources of the CSS.

This is why there is the concept of idle flows being garbage collected.

You can adjust the timeout with the flow-timeout as you did.

You could also disable the timeout with flow-permanent.

[You can forget flow long-lived.]

The risk when playing with this is that you prevent the CSS from claiming back unused resources.

So you may end up with no resources available for new connections.

If you go for flow-permanent, you should monitor the level of resources with a 'flow stat'.

Make sure the number of free FCBs is above 5,000.

Gilles.
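
Added example (not part of the original reply and not Cisco code): a Python sketch of the monitoring check described above, which parses flow statistics text in the layout posted in the question and flags any SP whose free FCB count is not above 5,000. The sample text is constructed from the question's output, the function names are hypothetical, and treating "Free fast-path FCBs" as the counter the reply means is an assumption; collecting the output from the device is left out.

```python
import re

# Constructed sample, in the layout of the flow statistics posted in the question.
SAMPLE = """\
Flow Manager Statistics - Slot 1, Subslot 1:
Number of Allocated Flows (non-purged) 711
Number of Free Flows 64825
Number of Allocated fast-path FCBs 711
Number of Free fast-path FCBs 130361
"""

MIN_FREE_FCBS = 5000                  # threshold from the reply
FCB_COUNTER = "Free fast-path FCBs"   # assumption: the counter the reply means

SP_HEADER = re.compile(r"Flow Manager Statistics - Slot (\d+), Subslot (\d+)")
COUNTER = re.compile(r"^\s*Number of (.+?)\s+(\d+)\s*$")


def parse_flow_stats(text):
    """Return {(slot, subslot): {counter name: value}} for each SP block."""
    stats, current = {}, None
    for line in text.splitlines():
        header = SP_HEADER.search(line)
        if header:
            current = stats.setdefault((int(header[1]), int(header[2])), {})
            continue
        counter = COUNTER.match(line)
        if counter and current is not None:
            current[counter[1]] = int(counter[2])
    return stats


def check_free_fcbs(text, minimum=MIN_FREE_FCBS):
    """Return (sp, free, reason) findings; an empty list means every SP is healthy."""
    stats = parse_flow_stats(text)
    if not stats:
        # Fail closed: unparsable output must not read as "healthy".
        return [(None, None, "no Flow Manager Statistics block found")]
    findings = []
    for sp, counters in sorted(stats.items()):
        free = counters.get(FCB_COUNTER)
        if free is None:
            findings.append((sp, None, "free FCB counter missing"))
        elif free <= minimum:
            findings.append((sp, free, f"free FCBs not above {minimum}"))
    return findings


if __name__ == "__main__":
    print(check_free_fcbs(SAMPLE) or "all SPs above threshold")
```

Run on a schedule, a non-empty result is the signal to shorten the timeout or revisit flow-permanent before new connections start failing.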
