Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

How is a TCP session created and deleted?

0

0

Article ID: KB5598 KB Last Updated: 22 Jul 2010Version: 3.0
Summary:
How is a TCP session created and deleted?
Symptoms:

Solution:
  1. TCP session is established and data is transmitted.
  2. TCP closing sequence initiated by server.
  3. NetScreen marks TCP session for deletion by setting a countdown timer to 1 CPU tick.  1 CPU tick equals 10 seconds.
  4. Garbage collection process routinely runs every 10 seconds.
  5. If no new packets arrive with the same hash classification as a previous packet the session is deleted from NetScreens session table.
  6. If a new packet arrives with the same hash classification, NetScreen assumes the session wants to be resumed and increments the countdown timer to 180 CPU ticks for TCP (180 ticks * 10 seconds = 1800 seconds or 30 minuets).
  7. Session is now resumed assuming sequence numbers pass the 64K window screening process.
  8. If the sequence numbers do not pass the 64K window screening process the packet is dropped and the countdown timer for the previous session is reset to 180 CPU ticks. 
  9. If a new packet arrives with the same hash classification, NetScreen will once again assume the session wants to be resumed and increments the countdown timer to 180 CPU ticks AGAIN.  This will result in a race condition or infinite loop provided the application continues to send packets with the same hash classification within a 30 minute (180 tick) period.
  10. This phenomena can be observed by issuing a get session command.
  11. The problem can be corrected by disabling TCP sequence checking.

Here is the problem or goal:

  • How is a TCP session created and deleted?

Applicable Products:

  • None


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search