Forum Discussion
dragonflymr
Cirrostratus
CirrostratusSNAT, VS and multiple Idle Timeout setting
Hi,
I am a bit lost how Idle Timeout (IT) is managed when there are different object involved for given connection.
VS has Idle Timeout set via TCP profile (let's say it's Standard VS), SNA...
Hannes_Rapp_162
Nacreous
NacreousIn a given scenario, the connection's TCP idle timeout is 5 minutes (300 sec). The difference is that once the connection's record is removed from the Connections Table (due to timeout exceeded), the SNAT translation record will be retained for another 10 minutes (600 sec). In this state, the SNAT record will only consume memory and do nothing useful. For this reason, the SNAT record's Idle Timeout should be equal to the Idle Timeout value set in TCP profile, or less than that.
dragonflymrCirrostratus
CirrostratusI was thinking about idle situation and I am a bit afraid that it is not so simple. If SNAT record will be removed and then new record created then new record can use different source port or even different src.IP (when SNAT pool used) - at least that is my view - there is no info about previous ip and port used for given connection because SNAT record was deleted. In this case connection should broke as at least different src port can be used for packets, and if I am not wrong receiving side will not recognize it as any existing connection and reject such packet.
Am I wrong here?
Piotr
