RE: Definition of terms... Do you know the answer?? [7:43090]

Thu, 02 May 2002 05:39:40 -0700 

Hi!

timeout xlate: Idle time until a translation slot if freed.

timeout conn: Idle time until a connection slot is freed.

There is a distinction made between translated sessions (produced by nat,
global, static,  access-list, access-group commands)and connected sesssions
when discussing the PIX firewall. Translations are at the IP layer,
connections are at the transport layer. You cab have many connections open
under one translation.

timeout half-closed: Idle time until a TCP half-close connection is freed.

timeout udp: Idle time until an UDP slot is freed.

timeout rpc: Idle time until an UDP slot is freed.

If a given slot has not been used for the idle time specified, the resource
is returned to the free pool.

So one purpose of these commands is resource management. Another purpose is
to provide the 'Adaptive' part of the ASA, as the unused ports will be
closed.

Best regards,

            Tamas Horvath
            network engineer
            Tel.: +36 22/515-452,
            Fax: +36 22/327-532
            E-Mail: [EMAIL PROTECTED]
Message-ID: 
From: Mark Odette II 
Reply-To: Mark Odette II 
To: [EMAIL PROTECTED]
Subject: Definition of terms... Do you know the answer?? [7:43090]
Date: Thu, 2 May 2002 07:29:44 +0200 
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain; charset="iso-8859-2"

Folks, I've been trying to find the answer to a couple of questions I have,
and unfortunately, my patience is thin at the moment due to a really bad
allergy attach, which in turn is making me barely be able to stay at the
computer.... but I've got to solve a problem.

So, could someone give me the low-down on what the following terms/settings
really mean in relation to TCP/UDP communications?

These terms are related to settings on a Firewall (PIX or Router), and
explanations relating to such would really help me understand their
purpose/functionality.  Thanks in Advance!!

timeout xlate

timeout conn

timeout half-closed

timeout udp

timeout rpc


I've got what I believe is a solid idea of what the first one, and perhaps
the second one covers... but someone formally explaining them all will make
me, and I'm sure many others benefit.

Thanks,
Mark




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43106&t=43090
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to