
PIX 520 too many connections

i.elnory
Level 1

I am having a problem: the number of connections on the PIX is growing to over 300,000 connections. The main problem is that idle connections are not being closed.

If I run clear xlate, nothing happens; I must reboot the PIX.


j.hofman
Level 1

What version of the PIX OS are you running? This may be a known bug.

The version is 5.1(2)207.

Need just a little more information. If your show conn is showing that DNS connections are not being released, then it may be bug CSCds02935.

Here's the release note:

DESCRIPTION:

PIX versions 5.1 and above may sometimes not release the UDP DNS connections after the DNS query has resolved.

If a client makes a DNS query through the PIX, and received the reply, the PIX marks the connection as removable, but does not delete the connection entry as indicated by the output of a "show conn".

EXAMPLE:

The output of a "show conn" on the PIX will show many UDP entries, all with the D- flag set. These are entries that can be deleted, but have not been.

FIX:

This bug has been fixed in 5.1(5), 5.2(4), and 5.3(1).

HTH

Jeff
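
To check a saved "show conn" capture against the symptom in the release note above, this added example (not part of the thread and not Cisco code) counts UDP entries that carry the D- flag and how long they have sat idle. The sample lines are constructed, and both the line layout the regex expects and the `min_idle` threshold are assumptions.

```python
import re
from collections import Counter

# Constructed sample. The line layout is an assumption modelled on "show conn"
# output; adjust LINE if your PIX version prints entries differently.
SAMPLE = """\
5 in use, 5 most used
TCP out 192.0.2.10:80 in 10.1.1.15:1026 idle 0:00:22 Bytes 1774 flags UIO
UDP out 192.0.2.53:53 in 10.1.1.15:1028 idle 0:14:02 flags D-
UDP out 192.0.2.53:53 in 10.1.1.16:1031 idle 1:02:45 flags D-
UDP out 192.0.2.53:53 in 10.1.1.16:1032 idle 0:00:03 flags D-
UDP out 192.0.2.99:123 in 10.1.1.18:123 idle 0:00:40
"""

LINE = re.compile(
    r"^(?P<proto>TCP|UDP) out (?P<outside>[\d.]+):(?P<oport>\d+) "
    r"in (?P<inside>[\d.]+):(?P<iport>\d+) "
    r"idle (?P<h>\d+):(?P<m>\d+):(?P<s>\d+)"
    r"(?: Bytes \d+)?(?: flags (?P<flags>\S+))?$"
)

def parse(text):
    """Yield one dict per connection line; header and unknown lines are skipped."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            d = m.groupdict()
            d["idle"] = int(d["h"]) * 3600 + int(d["m"]) * 60 + int(d["s"])
            yield d

def summarize(text, min_idle=120):
    """Count UDP entries flagged D- (removable but still listed) and, of those,
    the ones idle for at least min_idle seconds (illustrative threshold)."""
    conns = list(parse(text))
    removable = [c for c in conns if c["proto"] == "UDP" and c["flags"] == "D-"]
    stale = [c for c in removable if c["idle"] >= min_idle]
    return {
        "total": len(conns),
        "udp_removable": len(removable),
        "stale": len(stale),
        "stale_by_inside_host": Counter(c["inside"] for c in stale).most_common(),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A large and growing `stale` count across successive captures is consistent with entries being marked removable but never deleted.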

jkimble
Level 1

Sounds like you need to change your xlate timeout settings. You might try to update the code and change the xlate timeout.
