Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

"timeout xlate" setting is not clearing the xlate table

The xlate table does not appear to be clearing itself once the xlate timer has been exceeded. This results in all the translations being used up and denying access to new users trying to get on the Internet. We are running version 6.0(1) on a PIX-520.

My understanding is that the xlate table should expand and compress based on usage and on the timeouts. Below are the timeout commands we have set:

timeout xlate 4:10:00

timeout conn 1:00:00 half-closed 0:59:00 udp 0:58:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 4:00:00 absolute uauth 0:30:00 inactivity

Does anybody else experience this?

1 REPLY
Cisco Employee

Re: "timeout xlate" setting is not clearing the xlate table

There is a few bugs with the xlates not clearing, especially with DNS connections which can very quickly chew up all your xlates. You're correct in stating that the xlate timeout SHOULD clear the xlate, so you're not doing anything wrong.

Upgrade to 6.2(2) and it should go away.

394
Views
0
Helpful
1
Replies
CreatePlease to create content