Forum Discussion
Ed_Summers
Nimbostratus
Jan 23, 2014LTM SNAT TCP timeout = "indefinite"
Ran into an issue of port exhaustion for one server in a SNAT. While researching I found SOL7606 which states:
"Note: When set to Indefinite, UDP or IP SNAT translation idle time-outs are intern...
nitass
Employee
Jan 24, 2014Can someone confirm that SNAT TCP connections, when configured with an "indefinite" timeout, will remain active in the system for this indefinite amount of time if not closed gracefully?
this unit is 10.2.4.
config
root@ve10(Active)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.9:ssh
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
tcp_indef { }
}
}
root@ve10(Active)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:ssh { }
}
}
root@ve10(Active)(tmos) list ltm profile tcp tcp_indef
ltm profile tcp tcp_indef {
defaults-from tcp
idle-timeout 4294967295
}
root@ve10(Active)(tmos) list ltm snat
ltm snat snatbar {
origins {
0.0.0.0/0
}
translation 200.200.200.252
}
test
root@ve10(Active)(tmos) show sys connection cs-server-addr 172.28.24.9 cs-server-port 22 all-properties
Sys::Connections
192.168.206.178:65164 - 172.28.24.9:22 - 200.200.200.101:22
-----------------------------------------------------------
TMM 0
Type any
Protocol tcp
Idle Time 465
Idle Timeout 4294967295
Unit ID 1
Lasthop external 00:01:e8:d5:d4:47
Virtual Path 172.28.24.9:22
ClientSide ServerSide
Client Addr 192.168.206.178:65164 200.200.200.252:65164
Server Addr 172.28.24.9:22 200.200.200.101:22
Bits In 22.5K 27.3K
Bits Out 26.0K 22.2K
Packets In 24 23
Packets Out 19 23
Total records returned: 1
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects