I have an issue with a new application on my CSS 11500. There are three interfaces on the CSS, an internet I/F, a webfarm I/F and an inside I/F.
The CSS also has an SSL engine installed.
Traffic arrives at the internet I/F and is rung through the SSL before hitting a content rule which makes a clear text backend connection to a webserver on the webfarm. That server then talks to an application server on the inside I/F using a non standard port.
The problem I have is with timeouts. The threeway handshake is being established ok between the webserver and the app server but because the appserver takes a long time to process the first reply (around 70 seconds) I think the CSS is tearing down the flow before the app server is ready to send.
On the webserver vlan is an ACL to allow this traffic to the appserver but it is only a permit TCP acl like this...
CLAUSE XX PERMIT TCP NQL somename DESTINATION NQL someothername RANGE YYYY-YYYX
When i do 'show ACL' for this clause I can see content hits on it. I'm a bit confused here as this acl has no 'content' parameter specified I would have thought it would show router hits ?
On the original inbound ACL (from the internet I/F) I have a flow timeout multiplier of 20 configured. But this should be a seperate flow ?
What I want to know is this...
Given that there are content hits on this clause is the flowtimeout 20*16 or the default 16 seconds ?
It would seem to me that it should be 16 seconds but im confused because of the content hits. If it is 16 seconds, how can I change it to say 2 mins without using the flow permanent command ?
Any light shed on this would be grately appreciated.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
Introduction Prepositioning is a powerful tools on the WAAS platform but
it is not always easy to figure out why your jobs are failing when
trying to retrieve the files.Here is a method that should help you to
figure out the reason why they are not succes...