
Mailing List Archive: nsp: foundry

TCP retransmissions

 

 



foundry-nsp at foureleven

Jul 16, 2012, 5:03 PM

TCP retransmissions

Greetings Foundry-NSP,

We have an internal ServerIron ADX 12.3 sandwiched between a couple
linux servers, one being the client of the other.

The client reuses TCP source-ports as expected. tcp_tw_re(use|cycle)
is disabled. I have observed however, that when my linux client
reuses the source-port of a recently closed (8-12 seconds old) TCP
connection, the ServerIron does not acknowledge the SYN.

The linux client will retransmit using the same src-port after 3
seconds, and again after 6 seconds (9 seconds total) if necessary.

I believe the "3 second retransmission" and subsequent doubling is
defined in RFC1122, but the 8-12 second window is just an observation.


My question(s):

How do I configure the ServerIron to either accept/acknowledge this TCP flow?

Or, how do I configure the ServerIron to send a NACK or RST to the
client, so that we can abort the 3/6/12 second retransmission timers?

Am I naive to expect the ServerIron session entry (or whatever) to
expire faster than the 8-12 seconds (<< 2*MSL)?

Thank you,
lyle


Here's a sample flow where 10.0.0.3 is the source/client, and
10.0.210.92 is the virtual-server/ServerIron. The 3-second and
6-second retransmissions can be found at 17:29:43 and 17:29:49. The
ServerIron (10.0.210.92) ignores the first two SYNs, then finally ACKs
the third (the second retransmission):

17:29:36.738326 IP 10.0.210.92.80 > 10.0.0.3.44368: . ack 2076 win 9612
17:29:36.738330 IP 10.0.0.3.44368 > 10.0.210.92.80: R 3731308505:3731308505(0) win 0
17:29:40.831336 IP 10.0.0.3.44368 > 10.0.210.92.80: S 3736246299:3736246299(0) win 17920
17:29:43.830840 IP 10.0.0.3.44368 > 10.0.210.92.80: S 3736246299:3736246299(0) win 17920
17:29:49.830005 IP 10.0.0.3.44368 > 10.0.210.92.80: S 3736246299:3736246299(0) win 17920
17:29:49.830081 IP 10.0.210.92.80 > 10.0.0.3.44368: S 1833587:1833587(0) ack 3736246300 win 8000
17:29:49.830098 IP 10.0.0.3.44368 > 10.0.210.92.80: . ack 1 win 17920
17:29:49.830190 IP 10.0.0.3.44368 > 10.0.210.92.80: P 1:159(158) ack 1 win 17920
17:29:49.830680 IP 10.0.210.92.80 > 10.0.0.3.44368: . ack 159 win 6432
_______________________________________________
foundry-nsp mailing list
foundry-nsp [at] puck
http://puck.nether.net/mailman/listinfo/foundry-nsp


fligor at illinois

Jul 17, 2012, 2:00 PM

Re: TCP retransmissions

Hi Lyle,

On Jul 16, 2012, at 19:03, Lyle Tagawa wrote:

> Greetings Foundry-NSP,
>
> We have an internal ServerIron ADX 12.3 sandwiched between a couple
> linux servers, one being the client of the other.
>
> The client reuses TCP source-ports as expected. tcp_tw_re(use|cycle)
> is disabled. I have observed however, that when my linux client
> reuses the source-port of a recently closed (8-12 seconds old) TCP
> connection, the ServerIron does not acknowledge the SYN.
>
> The linux client will retransmit using the same src-port after 3
> seconds, and again after 6 seconds (9 seconds total) if necessary.
>
> I believe the "3 second retransmission" and subsequent doubling is
> defined in RFC1122, but the 8-12 second window is just an observation.
>
>
> My question(s):
>
> How do I configure the ServerIron to either accept/acknowledge this TCP flow?
>
> Or, how do I configure the ServerIron to send a NACK or RST to the
> client, so that we can abort the 3/6/12 second retransmission timers?

I don't know how to do this, but the ADXes hold on to a session in the table for the amount of time specified by the "server msl" setting. The default is 8 seconds. If you want sessions to leave faster, you can change that setting to something smaller (although not smaller than 1 second). That might help with your port reuse issue here. We had a meeting last week with an ADX specialist and he mentioned we might want to turn this down from the default.

You can find details on page 122 of the ADX Server Load Balancing Guide for 12.3.01


--
-debbie
Debbie Fligor, n9dn Lead Network Engineer for CITES @ Univ. of Il
email: fligor [at] illinois <http://www.uiuc.edu/ph/www/fligor>
"Every keystroke can be monitored. And the computers never forget."








_______________________________________________
foundry-nsp mailing list
foundry-nsp [at] puck
http://puck.nether.net/mailman/listinfo/foundry-nsp
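
Added example, not part of either post: a short Python check over the capture from the first message that measures how long after the RST each SYN on the reused port arrived and compares that with the 8-second "server msl" default mentioned in the reply. The regex handles only the older tcpdump text format shown in the post, and crediting the SYN-ACK to the most recent matching SYN is an assumption, since the retransmitted SYNs all carry the same sequence number.

```python
import re
from datetime import datetime

# Capture from the first post (handshake portion), mail-wrapped lines rejoined.
TRACE = """\
17:29:36.738326 IP 10.0.210.92.80 > 10.0.0.3.44368: . ack 2076 win 9612
17:29:36.738330 IP 10.0.0.3.44368 > 10.0.210.92.80: R 3731308505:3731308505(0) win 0
17:29:40.831336 IP 10.0.0.3.44368 > 10.0.210.92.80: S 3736246299:3736246299(0) win 17920
17:29:43.830840 IP 10.0.0.3.44368 > 10.0.210.92.80: S 3736246299:3736246299(0) win 17920
17:29:49.830005 IP 10.0.0.3.44368 > 10.0.210.92.80: S 3736246299:3736246299(0) win 17920
17:29:49.830081 IP 10.0.210.92.80 > 10.0.0.3.44368: S 1833587:1833587(0) ack 3736246300 win 8000
17:29:49.830098 IP 10.0.0.3.44368 > 10.0.210.92.80: . ack 1 win 17920
"""

SERVER_MSL = 8.0  # seconds; default "server msl" according to the reply
# Matches only the older tcpdump text format shown in the post.
LINE = re.compile(r"(\S+) IP (\S+) > (\S+): (\S+)(?: (\d+):\d+\(\d+\))?(?: ack (\d+))?")

def analyze(trace, msl=SERVER_MSL):
    """Return (seconds_since_close, inside_msl_window, answered) per bare SYN."""
    closed = {}  # (src, dst) -> time of the last RST/FIN seen on that flow
    syns = []    # [flow, time, seq, answered]
    for raw in trace.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, src, dst, flags, seq, ack = m.groups()
        t = datetime.strptime(ts, "%H:%M:%S.%f")
        if "R" in flags or "F" in flags:
            closed[(src, dst)] = closed[(dst, src)] = t
        elif flags.startswith("S") and ack is None:   # bare SYN
            syns.append([(src, dst), t, int(seq), False])
        elif flags.startswith("S"):                   # SYN-ACK
            # Assumption: credit only the most recent SYN with a matching seq.
            for s in reversed(syns):
                if s[0] == (dst, src) and s[2] + 1 == int(ack):
                    s[3] = True
                    break
    out = []
    for flow, t, _seq, answered in syns:
        age = (t - closed[flow]).total_seconds() if flow in closed else None
        inside = age is not None and age < msl
        out.append((None if age is None else round(age, 2), inside, answered))
    return out

if __name__ == "__main__":
    for age, inside, answered in analyze(TRACE):
        print(f"SYN {age}s after close, inside msl window={inside}, answered={answered}")
```

On this trace the two unanswered SYNs arrive 4.09 s and 7.09 s after the RST, inside the 8-second window, and the answered SYN arrives at 13.09 s, which is consistent with the session-table hold time described in the reply.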
