Forum Discussion
steelplate_8766
Nimbostratus
May 25, 2010
sNAT to Windows server and port collision
Hi,
I have an F5 doing sNAT, and the problem I face is that the Windows server keeps the port in time_wait (currently default 240 seconds, Windows 2003 server). The F5 will attempt to reuse the client...
steelplate_8766
Nimbostratus
Jun 18, 2010
Wow, thanks for the detail on the F5 plugin, that will make life easier for sure!
We have multiple IPs in the sNAT pool.
Time wait is set to 300000 ms, though I believe this is the F5 time wait, and has no effect on the server time wait or how the F5 acts when the server is in time wait.
Time wait recycle is currently enabled, and we tried disabled, but as above, as this is a server time wait, I don't think this will make any difference.
We replicated this failure with 1 user on their second TCP connection when we use port change. After the first TCP connection closed, the server went to time-wait, and then the client spawned a new connection with client local port +1. The F5 tried to reuse the same local port from the previous connection to the server, and got no response. This was within 3 seconds of the previous connection closing, so AFAIK, the F5 should NOT have attempted to reuse the server socket because, as per the RFC, it would be in time wait.
I thought that maybe the F5 would attempt reuse with TCP assassination principles, but if it is, it's failing as the ISNs aren't acceptable by the server for assassination to work.
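The collision described in the post above can be confirmed from a capture on the server side of the F5. The following is an added example, not part of the original thread or F5's own tooling: it flags any SYN that reuses a 4-tuple closed less than 240 seconds earlier and reports whether its ISN is ahead of the previous stream. The event format, the names and the ISN acceptance rule are assumptions; the thread does not say which rule the Windows server applies.

```python
from dataclasses import dataclass

TIME_WAIT_SECS = 240  # server-side TIME_WAIT quoted in the thread

@dataclass(frozen=True)
class Event:
    ts: float      # seconds since start of capture
    kind: str      # "close" (server enters TIME_WAIT) or "syn" (new SYN from the SNAT side)
    tuple4: tuple  # (snat_ip, snat_port, server_ip, server_port)
    seq: int       # close: last sequence number the server received; syn: the new ISN

def seq_after(a: int, b: int) -> bool:
    """True if 32-bit sequence number a lies after b, allowing for wraparound."""
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000

def find_collisions(events, time_wait=TIME_WAIT_SECS):
    """Return SYNs that reuse a 4-tuple the server still holds in TIME_WAIT."""
    last_close, hits = {}, []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "close":
            last_close[ev.tuple4] = ev
            continue
        prev = last_close.get(ev.tuple4)
        if prev is not None and ev.ts - prev.ts < time_wait:
            hits.append({
                "tuple4": ev.tuple4,
                "age": ev.ts - prev.ts,
                # Assumption: server accepts the SYN only if the ISN is ahead of the old stream.
                "isn_acceptable": seq_after(ev.seq, prev.seq),
            })
    return hits

# Constructed sample events (documentation address ranges, made-up sequence numbers).
A = ("192.0.2.10", 40001, "198.51.100.5", 80)
B = ("192.0.2.10", 40002, "198.51.100.5", 80)
EVENTS = [
    Event(100.0, "close", A, 3_000_000_000),
    Event(102.5, "syn",   A, 1_500_000_000),  # reuse after 2.5 s, ISN behind old stream
    Event(103.0, "syn",   B, 42),             # no earlier close on this tuple
    Event(110.0, "close", B, 4_294_967_000),
    Event(120.0, "syn",   B, 500),            # reuse after 10 s, ISN ahead once wrapped
    Event(400.0, "syn",   A, 7),              # 300 s after close: TIME_WAIT has expired
]

if __name__ == "__main__":
    for hit in find_collisions(EVENTS):
        print(hit)
```

A hit with `isn_acceptable` set to false matches the symptom in the post: a reused port inside the server's time wait with an ISN the server would not take.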
