Hey all,
We are experiencing an odd issue that may be related to our FWSM. Our DBAs are experiencing timeout issues when running Oracle SQLNet queries for connections that are anywhere between 30 minutes and 60 minutes idle. I can say with certainty that after 60 minutes the connection is lost, less than that I do not have concrete evidence yet. We have run some packet captures and analyzed the data using a third party analysis tool with their engineers and have found very little to say it is network. The DBAs say it isn't the database a setting on the clients and that the issue appears to have begun back when we implemented performance modifcations on our FWSM - upping the default mss from 1380 to 1460 and disabling TCP sequence randomization.
I saw another post on here that appeared to be similar, but I didn't; quite understand the "Correct Answer" solution or how to use it as it was quite generic.
We are running FWSM code 3.1(9)
Here is a listing of our timeouts and policies:
timeout xlate 3:00:00
timeout conn 4:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
class-map sqltraffic
match access-list sqltraffic
class-map TCP
match port tcp range 1 65535
class-map class_sip_tcp
match port tcp eq sip
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect sunrpc
inspect ils
inspect icmp
class class_sip_tcp
inspect sip
class sqltraffic
inspect sqlnet
class TCP
set connection random-sequence-number disable
sysopt connection tcpmss 1460
We plan to take the tcpmss back to default of 1380 and remove the class TCP to re-enable random-sequence-number
However I am curious if just having the class TCP in there, does this override the global timeout connection of 4:00:00 (4hr) ?
Thanks!
-dan
