PIX v 7.2(1) embryonic session limit connection drops

Discussion in 'Cisco' started by Roland Sonder, Jun 28, 2007.

  1. Hi all,

    On a PIX-515 running v7.2(1) a continuous large amount of packets are
    beeing dropped because of exceeding the embryonic counter limit
    currently set to 500.
    Although lot's of connections are beeing dropped, no enduser complaint's
    are yet reported.
    Nevertheless I need verify this in order to understand what's going in
    the network and also get to know the behaviour of the PIX itself better.
    During the problem analysis I discovered a strange behaviour I don't
    really understand. Maybe it is like this by design.

    The PIX is dropping connection requests initiated from outside to
    internal clients which are prohibited by the ruleset (ACL).
    Actually this is ok and wanted.
    For me the strange thing is that it is dropping this connection requests
    with the "embryonic session limit" feature and not with the ACL deny
    statement. Additionally the PIX is also dropping legitimate TCP
    connections using this mechanism.

    Is this by design wanted and to be seen as a normal behaviour ?
    Does the PIX dropping any further session requests once the embryonic
    counter limit has been reached before checking the ACLs ?

    Roland
    Roland Sonder, Jun 28, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Steve

    Wireless Connection drops / PS2 connection

    Steve, Jul 27, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    784
    Clark
    Jul 27, 2005
  2. Brian
    Replies:
    0
    Views:
    494
    Brian
    Oct 21, 2003
  3. John Doe

    Embryonic Connection Question

    John Doe, Sep 7, 2004, in forum: Cisco
    Replies:
    0
    Views:
    2,004
    John Doe
    Sep 7, 2004
  4. kalim
    Replies:
    0
    Views:
    1,051
    kalim
    Jul 12, 2007
  5. garywi

    Wireless Connection Drops, then connects, drops...

    garywi, Feb 12, 2009, in forum: Wireless Networking
    Replies:
    1
    Views:
    654
    Robert L. \(MS-MVP\)
    Feb 12, 2009
Loading...

Share This Page