Cisco ACE Module Time-wait default

Unanswered Question
Mar 5th, 2009

Hi

Anyone know what is the TCP time-wait of the Cisco ACE module. Below is the defination of the time-wait state in TCP

The client waits for a period of time equal to double the maximum segment life (MSL) time. This gives enough time to ensure the ACK it sent to the server was received.

Please help. Thanks in advance

Alan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Thu, 03/05/2009 - 02:57

Alan, this timeout is not involved.

ACE just lets the client and server decide when to retransmit.

What is your concern or problem ?

Gilles.

caijunjie Thu, 03/05/2009 - 09:13

Hi Gilles

Thanks for the reply. I am quite new to ACE.

I am wandering will port randomaization have effect on the ACE if I have a heavily loaded server that is load balance by the ACE.

Hope I make some sense. Please correct me if i am wrong. Thanks in advance

Regard

Alan

Gilles Dufour Fri, 03/06/2009 - 00:12

Alan,

The important resource of ACE is the number of concurrent connections.

So, whatever you enable/disable on your server will not impact ACE unless this leaves connections hanging there without being closed properly.

Our default idle timeout is 1hour.

If you have some concerned about the amount of connections, reduce this value.

Otherwise, as I said, none of the TCP parameters you could change on the server will affect ACE.

G.

alain.sarrazin Wed, 01/12/2011 - 13:22

Gilles,

I was wandering the samething, what the tcp time-wait default value on a ACE module. We have servers which this timer is set to 60 seconds and we do natting (PAT) on the ACE. When the server send the last tcp ack after the tcp fin from the client, the server waits 60 seconds to clear the connection. Does the ACE terminate the connection as soon as the last ack is received or it waits a certain period of time. If it doesn't wait anytime, it is possible that the ACE uses a same source port (when PAT is done) as one use in the last 60 seconds.

Client (Send TCP FIN) ---> ACE (NAT) ----> Server

Server (Send TCP ACK) ----> ACE -----> Client

Server Time-wait = 60s, after the connection is closed.

Thanks !

Alain

Actions

This Discussion