09-09-2001 06:58 AM - edited 02-20-2020 09:49 PM
I am having a problem: the number of connections on the PIX is growing to over 300 000 connections. The main problem is that idle connections are not being closed.
If I run clear xlate, nothing happens; I must reboot the PIX.
09-11-2001 10:12 AM
What version of the PIX OS are you running? This may be a known bug.
09-12-2001 12:05 AM
The version is 5.1(2)207.
09-12-2001 04:10 AM
Need just a little more information. If your show conn is showing that DNS connections are not being released, then it may be bug CSCds02935.
Here's the release note:
DESCRIPTION:
PIX versions 5.1 and above may sometimes not release the UDP DNS connections
after the DNS query has resolved.
If a client makes a DNS query through the PIX, and received the reply, the
PIX marks the connection as removable, but does not delete the connection
entry as indicated by the output of a "show conn".
EXAMPLE:
The output of a "show conn" on the PIX will show many UDP entries, all with
the D- flag set. These are entries that can be deleted, but have not been.
FIX:
This bug has been fixed in 5.1(5), 5.2(4), and 5.3(1).
HTH
Jeff
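To check a saved "show conn" capture against the symptom in the release note above, a small tally like the following can help. It is an added example, not part of the original thread or Cisco's tooling; the line layout, the sample lines, and the 120-second staleness threshold are assumptions.

```python
import re
from collections import Counter

# Constructed sample; the layout is an assumption modelled on classic PIX "show conn" output.
SAMPLE = """\
UDP out 192.0.2.53:53 in 10.1.1.15:1028 idle 0:00:14 flags D-
UDP out 192.0.2.53:53 in 10.1.1.16:1031 idle 1:12:40 flags D-
UDP out 192.0.2.53:53 in 10.1.1.17:1044 idle 3:05:02 flags D-
UDP out 198.51.100.7:123 in 10.1.1.15:123 idle 0:00:09 flags -
TCP out 198.51.100.20:80 in 10.1.1.15:1026 idle 0:00:22 Bytes 1774 flags UIO
"""

LINE = re.compile(
    r"^(?P<proto>TCP|UDP)\s+out\s+(?P<outside>\S+)\s+in\s+(?P<inside>\S+)"
    r"\s+idle\s+(?P<idle>\d+:\d\d:\d\d)(?:\s+Bytes\s+\d+)?\s+flags\s+(?P<flags>\S+)"
)

def idle_seconds(text):
    """Convert an h:mm:ss idle timer into seconds."""
    hours, minutes, seconds = (int(part) for part in text.split(":"))
    return hours * 3600 + minutes * 60 + seconds

def summarize(output, stale_after=120):
    """Count connections, UDP entries carrying the D flag, and how many of
    those have idled longer than stale_after seconds (assumed threshold)."""
    stats = Counter()
    for raw in output.splitlines():
        match = LINE.match(raw.strip())
        if not match:
            continue  # skip banners, counters and unparsed lines
        stats["total"] += 1
        if match["proto"] == "UDP" and "D" in match["flags"]:
            stats["udp_d_flag"] += 1
            if idle_seconds(match["idle"]) > stale_after:
                stats["udp_d_flag_stale"] += 1
    return stats

if __name__ == "__main__":
    result = summarize(SAMPLE)
    print(dict(result))
    if result["total"] and result["udp_d_flag_stale"] / result["total"] > 0.5:
        print("Most entries are stale D-flagged UDP: consistent with the release note.")
```

A table dominated by long-idle D-flagged UDP entries matches the described behaviour; a table dominated by other entries points elsewhere.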
09-20-2001 02:03 PM
Sounds like you need to change your xlate timeout settings. You might try to update the code and change the xlate timeout.