Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
315
Views
0
Helpful
1
Replies

CAT6500 "show ip slb conn" shows ESTABLISHED after 2nd step in 3-way tcp ha

isabella007
Level 1
Level 1

‎11-02-2005 08:09 PM - edited ‎03-03-2019 12:39 AM

Have a CAT-6500 running Version 12.1(8b)E15, EARLY DEPLOYMENT RELEASE SOFTWARE.

"show ip slb conn" shows sessions in ESTABLISHED state after 2nd step of the

3-way tcp handshake has been completed. If DoS attack using spoofed IP addresses, third and final ACK packet never arrives. Connection will remain in this state because neither the server nor the client or

any device in between has a record of this session? Can we change this behavior? Any settings controlling this? real server in farm quickly reaches the MAX threshold setup, in this case 250 connections.

Labels:
0 Helpful
1 Reply 1

pradeepde
Level 5
Level 5

‎11-08-2005 11:51 AM

not sure if the setting can be changed, but Established is IOS SLB TCP connection processed a SYN-SYN/ACK exchange between the client and server.

0 Helpful
Customers Also Viewed These Support Documents