[c-nsp] Thousands of tcp sessions stuck in TIMEWAIT

Keegan Holley keegan.holley at sungard.com
Sun May 15 02:57:11 EDT 2011


what ports? can you post some of it?



On Fri, May 13, 2011 at 8:46 PM, Kevin Graham <
kgraham at industrial-marshmallow.com> wrote:

> vty access lists along with login max-failure? (guessing somewhat blindly
> without visibility into what the active tcb's were)
>
> [sent from my mobile]
>
> On May 11, 2011, at 7:47 AM, Joe Freeman <joe at netbyjoe.com> wrote:
>
> > I have a customer with an 1841 doing webvpn, running
> advsecurity-12.4-24.T5.
> > They have been randomly loosing the ability to connect to resources
> through
> > this unit.
> >
> > A show tcp brief reveals that there are thousands of sockets stuck in
> > TIMEWAIT. In fact it took almost six minutes for the show tcp brief to
> dump
> > it's output to a file in flash:.
> >
> > A clear tcp tcb * will, of course wipe out all the connections and allow
> the
> > customer to resume making connections for a time.
> >
> > Anyone have any thoughts on how I should troubleshoot this further, or
> even
> > better, thoughts as to resolution?
> >
> > Thanks-
> > Joe
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>


More information about the cisco-nsp mailing list