Forum Discussion

dragonflymr's avatar
dragonflymr
Icon for Cirrostratus rankCirrostratus
Mar 18, 2015

SNAT, VS and multiple Idle Timeout setting

Hi,   I am a bit lost how Idle Timeout (IT) is managed when there are different object involved for given connection.   VS has Idle Timeout set via TCP profile (let's say it's Standard VS), SNA...
application delivery
design
LTM
TMOS
Hannes_Rapp's avatar
Hannes_Rapp
Icon for Nimbostratus rankNimbostratus
Mar 19, 2015

In a given scenario, the connection's TCP idle timeout is 5 minutes (300 sec). The difference is that once the connection's record is removed from the Connections Table (due to timeout exceeded), the SNAT translation record will be retained for another 10 minutes (600 sec). In this state, the SNAT record will only consume memory and do nothing useful. For this reason, the SNAT record's Idle Timeout should be equal to the Idle Timeout value set in TCP profile, or less than that.

 

dragonflymr's avatar
dragonflymr
Icon for Cirrostratus rankCirrostratus
Mar 19, 2015
Are you sure about that? That can cause quite a mess (if I am not wrong) when setting is other way around: TCP IT - 300 s SNAT IT - 100s Will in this case SNAT record be removed before connection is removed for Connection Table? If so what will happen with connection - it will be broken because there will be no SNAT record used for src IP translation presesnt any more? Piotr