[nsp] Pix 6.3(3) and UDP issues
Scott Morris
swm at emanon.com
Thu Sep 25 10:37:40 EDT 2003
Standard 2-minute UDP timeout. However, when DNS works correctly, the
connection will be closed immediately after the first reply is received.
That has certainly happened in the past as it should! And DNS sessions
were lasting longer than the 2 minute standard UDP anyway (while other
udp sessions were not), which makes me think it is specifically
something to do with the fixup dns code in 6.3(3).
Scott
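The triage Scott describes above (UDP/53 entries with tiny byte counts sitting in the connection table well past the 2-minute UDP timeout, when DNS fixup should have torn them down on the first reply) can be checked against a saved "show conn" dump rather than by eye. The script below is an added example, not code from the thread or from Cisco; the sample lines are constructed, the "show conn" line layout it parses (proto, out addr:port, in addr:port, idle h:mm:ss, Bytes, flags) is an assumption modelled on PIX 6.x output, and the 120-second default is the "timeout udp 0:02:00" value the thread refers to. It also groups the stale entries by inside client, which is the quick way to separate Mark's "one busy mail server" hypothesis from a general fixup problem.

```python
import re

# Constructed sample of PIX 6.x "show conn" output. The line format is an
# assumption modelled on PIX 6.x, not a capture from the poster's firewall.
SAMPLE_SHOW_CONN = """\
UDP out 198.51.100.10:53 in 192.0.2.25:1029 idle 0:05:12 Bytes 118 flags -
UDP out 198.51.100.10:53 in 192.0.2.25:1030 idle 0:00:03 Bytes 96 flags -
UDP out 198.51.100.44:123 in 192.0.2.7:123 idle 0:01:40 Bytes 152 flags -
TCP out 203.0.113.8:80 in 192.0.2.25:3344 idle 0:00:11 Bytes 11391 flags UIO
UDP out 198.51.100.11:53 in 192.0.2.25:1031 idle 0:07:55 Bytes 104 flags -
"""

CONN_RE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+out\s+(?P<out_ip>[\d.]+):(?P<out_port>\d+)"
    r"\s+in\s+(?P<in_ip>[\d.]+):(?P<in_port>\d+)"
    r"\s+idle\s+(?P<idle>\d+:\d{2}:\d{2})\s+Bytes\s+(?P<bytes>\d+)"
)

# PIX default "timeout udp 0:02:00", the 2-minute value the thread discusses.
DEFAULT_UDP_TIMEOUT = 120


def idle_seconds(hms):
    """Convert the h:mm:ss idle field to seconds."""
    h, m, s = (int(x) for x in hms.split(":"))
    return h * 3600 + m * 60 + s


def parse_conn(text):
    """Parse "show conn" lines into dicts; lines that do not match are skipped."""
    conns = []
    for line in text.splitlines():
        m = CONN_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        conns.append({
            "proto": d["proto"],
            "out": (d["out_ip"], int(d["out_port"])),
            "in": (d["in_ip"], int(d["in_port"])),
            "idle": idle_seconds(d["idle"]),
            "bytes": int(d["bytes"]),
        })
    return conns


def stale_dns_conns(conns, udp_timeout=DEFAULT_UDP_TIMEOUT, max_bytes=512):
    """UDP/53 entries idle past the UDP timeout with a small byte count.

    With DNS fixup behaving, a query/reply pair is torn down on the first
    reply, so entries like these should not exist at all; anything here is
    worth a closer look (fixup state, or the timeout not being applied).
    """
    return [
        c for c in conns
        if c["proto"] == "UDP"
        and c["out"][1] == 53
        and c["idle"] > udp_timeout
        and c["bytes"] <= max_bytes
    ]


def summarize_by_client(conns):
    """Count entries per inside host: one busy resolver vs. many hosts."""
    counts = {}
    for c in conns:
        counts[c["in"][0]] = counts.get(c["in"][0], 0) + 1
    return counts


if __name__ == "__main__":
    conns = parse_conn(SAMPLE_SHOW_CONN)
    stale = stale_dns_conns(conns)
    for c in stale:
        print("stale DNS conn: %s:%d -> %s:%d idle %ds bytes %d" % (
            c["in"][0], c["in"][1], c["out"][0], c["out"][1],
            c["idle"], c["bytes"]))
    print("per-client:", summarize_by_client(stale))
```

Feed it the real "show conn" output (the fields it keys on are the protocol, the outside port, the idle time and the byte count) and adjust DEFAULT_UDP_TIMEOUT if the box runs a non-default "timeout udp". If the stale entries all come from one or two inside addresses, Mark's explanation fits; if they are spread across many hosts, the fixup itself is the more likely suspect.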
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Turpin Mark
Contr AFCA/GCF
Sent: Thursday, September 25, 2003 10:29 AM
To: cisco-nsp at puck.nether.net
Subject: RE: [nsp] Pix 6.3(3) and UDP issues
> -----Original Message-----
> From: Scott Morris [mailto:swm at emanon.com]
> Sent: Thursday, September 25, 2003 9:09 AM
> To: Turpin Mark Contr AFCA/GCF; cisco-nsp at puck.nether.net
> Subject: RE: [nsp] Pix 6.3(3) and UDP issues
>
>
> No, no marking to be deleted... Just open connections, and
> were to port
> 53 udp. They had minimal byte counts, which suggests a DNS
> transaction.
> But otherwise, looked like a normal connection with high idle time.
>
> Scott
Hi Scott,
I'm curious: did you try adjusting the timeout values for
the UDP sessions?
I can see that perhaps helping in the event you have lots
of connections from numerous hosts. Whereas, if there
were a few hosts making connections, say a mail server
that was continuously making DNS queries, I could see
those connections remaining in your connection table.
cheers,
-Mark
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/