New Member


client through CSS port 13059 to server

randomly stops after 20 minutes and session is stopped - sniffer shows TCP Reset

Is there a default setting for TCP Resets on a CSS?

In the "show flow" how long do these remain before they are removed?

Cisco Employee

Re: CSS TCP Reset

Hi Victoria

The CSS runs a process called garbage collection. This is because, when booting up, the CSS allocates part of its memory into FCBs (Flow Control Blocks), which are used to allocate flows on the flow table.

If the CSS ran out of FCBs, it would not be able to handle more flows. For that reason idle flows are removed from the flow table; this is what "garbage collection" is.

The default timeout for flows to be moved from the flow table to a spoof table is 16 sec, so it is possible that those flows are getting garbage collected.

This is a possibility, but many other things might cause the issue. You said that traces show RST; did you get traces at both sides of the CSS? Is the RST showing only between the CSS and the client? Is it present on the server side?

Since this traffic is on port 13059, I would guess your content rule is layer 4. If so, the CSS will just pass the traffic (no spoofing), so it would be important to verify that the RST is actually not coming from the server itself and just being forwarded, as this is also a possibility.

Could you provide the CSS configuration and/or showtech? Can I see those traces?
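
The two-sided trace comparison asked for in the reply above can be scripted. This is an added example, not part of the original thread: it reads `tcpdump -nn -tt -S` style text from a client-side and a server-side capture and reports, for each RST the client saw, whether the same RST was also on the server side and how long the flow had been idle. The addresses and packets are constructed, and it assumes the client IP/port and sequence numbers are unchanged across the CSS (layer 4 rule, no source NAT).

```python
import re

# Matches tcpdump -nn -tt -S output: time, src ip.port, dst ip.port, flags, seq
LINE = re.compile(r"^(\d+\.\d+) IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\], seq (\d+)")

# Constructed sample captures: 203.0.113.10 is the VIP, 192.0.2.20 the real server.
CLIENT_SIDE = """\
100.000000 IP 198.51.100.7.51000 > 203.0.113.10.13059: Flags [P.], seq 1000:1100, ack 5000, win 512, length 100
200.000000 IP 198.51.100.7.51001 > 203.0.113.10.13059: Flags [P.], seq 2000:2050, ack 7000, win 512, length 50
260.000000 IP 203.0.113.10.13059 > 198.51.100.7.51001: Flags [R.], seq 7000, ack 2050, win 0, length 0
1300.000000 IP 203.0.113.10.13059 > 198.51.100.7.51000: Flags [R], seq 5000, win 0, length 0
"""
SERVER_SIDE = """\
100.000100 IP 198.51.100.7.51000 > 192.0.2.20.13059: Flags [P.], seq 1000:1100, ack 5000, win 512, length 100
200.000100 IP 198.51.100.7.51001 > 192.0.2.20.13059: Flags [P.], seq 2000:2050, ack 7000, win 512, length 50
259.999900 IP 192.0.2.20.13059 > 198.51.100.7.51001: Flags [R.], seq 7000, ack 2050, win 0, length 0
"""

def parse(capture):
    """Turn capture text into packet dicts; lines that do not match are skipped."""
    pkts = []
    for line in capture.splitlines():
        m = LINE.match(line)
        if m:
            ts, sip, sport, dip, dport, flags, seq = m.groups()
            pkts.append({"ts": float(ts), "src": (sip, int(sport)),
                         "dst": (dip, int(dport)), "flags": flags, "seq": int(seq)})
    return pkts

def client_of(pkt, service_port):
    """The client endpoint is the end that is not using the service port."""
    return pkt["dst"] if pkt["src"][1] == service_port else pkt["src"]

def classify_resets(client_side, server_side, service_port=13059):
    c_pkts, s_pkts = parse(client_side), parse(server_side)
    # RSTs on the server side, keyed by (client endpoint, seq) because the
    # VIP and real-server addresses differ between the two captures.
    server_rsts = {(client_of(p, service_port), p["seq"]) for p in s_pkts if "R" in p["flags"]}
    results = []
    for rst in (p for p in c_pkts if "R" in p["flags"]):
        client = client_of(rst, service_port)
        earlier = [p["ts"] for p in c_pkts
                   if client in (p["src"], p["dst"]) and p["ts"] < rst["ts"]]
        results.append({"client": client,
                        "idle_s": rst["ts"] - max(earlier) if earlier else None,
                        "on_server_side": (client, rst["seq"]) in server_rsts})
    return results
```

An RST with `on_server_side` true was sent by the server and forwarded; one that is false never crossed the server-side link, so it was produced at or in front of the CSS.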