3620 session creation rate

Discussion in 'Cisco' started by Carl Byington, Mar 16, 2006.

  1. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    I am having a problem with a 3620 and session creation rate. This has been
    happening about weekly, and a reload of the router fixes it. But that is a
    bit drastic. There is a public dns/ntp server on the network, and 'show ip
    inspect sessions' shows about 130 dns sessions open, and about 24 ntp
    sessions in half open state.

    show ip inspect stat

    Interfaces configured for inspection 3
    Session creations since subsystem startup or last reset 1227665
    Current session counts (estab/half-open/terminating) [164:26:0]
    Maxever session counts (estab/half-open/terminating) [362:47:4]
    Last session created 00:00:00
    Last statistic reset never
    Last session creation rate 1607
    Last half-open session total 26
    Half-open session count or session creation rate exceeded

    When it gets into this state, new outbound tcp connections from internal
    machines hang, so web browsing and outbound email slows to a crawl. Not
    all outbound tcp connections timeout, but many of them do.

    ip inspect alert-off
    ip inspect max-incomplete high 2000
    ip inspect max-incomplete low 800
    ip inspect one-minute high 2000
    ip inspect one-minute low 800

    Is there a command to reset the ip inspect subsystem? Should those
    high/low limits above be raised to the 5-8K range?

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.6 (GNU/Linux)

    iD8DBQFEGZFxL6j7milTFsERAodxAJ9UxRRxR3u5wRsMG2qcHIJ3qMZJSgCfep6n
    JQDhbJ5H7TkFCRqg6E5yMMs=
    =LP2B
    -----END PGP SIGNATURE-----
     
    Carl Byington, Mar 16, 2006
    #1
    1. Advertising

  2. Carl Byington

    Merv Guest

    Merv, Mar 16, 2006
    #2
    1. Advertising

  3. -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On Thu, 16 Mar 2006 08:36:13 -0800, Merv wrote:

    > Try
    > show ip inspect stat reset



    > This SHOULD be a clear command. If you have a Cisco support contract open
    > a case and requested that it be changed.


    Thanks!


    > see the following URL for some procedures and other commands


    > http://www.cisco.com/en/US/products/ps6586/products_qanda_item09186a00800
    > 9464d.shtml


    Ah, it seems that I need

    ip inspect one-minute high 4000
    ip inspect one-minute low 3000


    > BTW why is there so many NTP session. Do you not have a NTP server inside
    > your network ?


    Yes, but it is a public stratum 2 server, with many external clients.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.6 (GNU/Linux)

    iD8DBQFEGhGmL6j7milTFsERAhnQAJ4zRmpoLjwNctNm8Uk9A/8xKqEEEgCfYVih
    l/k8C5EF/E6OMD4CVz0rgBs=
    =3Tfq
    -----END PGP SIGNATURE-----
     
    Carl Byington, Mar 17, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?U21pdGhlcmVlbg==?=

    Wizard disk creation problems

    =?Utf-8?B?U21pdGhlcmVlbg==?=, Apr 21, 2005, in forum: Wireless Networking
    Replies:
    3
    Views:
    584
    Michael
    Apr 23, 2005
  2. Replies:
    1
    Views:
    1,472
    Digital Photography Now
    Oct 4, 2005
  3. kalim
    Replies:
    0
    Views:
    1,123
    kalim
    Jul 12, 2007
  4. Radium
    Replies:
    1
    Views:
    1,734
    dadiOH
    Jul 18, 2007
  5. Patrick Cervicek
    Replies:
    0
    Views:
    884
    Patrick Cervicek
    Aug 7, 2007
Loading...

Share This Page