On a 7206VXR running 12.3(13)a, a 'show ip inspect statistics' reveals:
Interfaces configured for inspection 65
Session creations since subsystem startup or last reset 334621
Current session counts (estab/half-open/terminating) [1534:63:0]
Maxever session counts (estab/half-open/terminating) [1676:314:27]
Last session created 00:00:00
Last statistic reset 11:53:44
Last session creation rate 978
Last half-open session total 1274

The ip inspect configuration is:
Session audit trail is disabled
Session alert is enabled
one-minute (sampling period) thresholds are [3500:4000] connections
max-incomplete sessions thresholds are [2000:2500]
max-incomplete tcp connections per host is 300. Block-time 0 minute.
tcp synwait-time is 30 sec -- tcp finwait-time is 5 sec
tcp idle-time is 3600 sec -- udp idle-time is 30 sec
dns-timeout is 5 sec

I had to increase the values for the max-incomplete low and high from
1200:1500, since previously the 'show ip inspect statistics' was
returning 'Half-open sessions or session creation rate exceeded'. Is
there a way to view the full table of half-open sessions? A 'show ip
inspect sessions' only returns the sessions seen in the current session
counts. And is there a way to clear said table, in the same manner as
clearing the nat table?