Timeout Mechanisms - Cisco Nexus 3548 Configuration Manual

Nx-os interfaces release 9x

Hide thumbs Also See for Nexus 3548:

Command reference manual (556 pages)

Configuration manual (230 pages)

Installation manual (112 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

page of 138

/ 138
Contents
Table of Contents
Bookmarks

Table of Contents

Timeout Mechanisms

After dynamic NAT translations are created, they must be cleared when not in use so that newer translations

can be created, especially because the number of TCAM entries is limited. Cisco NX-OS Release 7.x supports

syn-timeout and finrst-timeout. The following NAT translation timeout timers are supported on the switch:

• syn-timeout—Timeout value for TCP data packets that send the SYN request, but do not receive a

• finrst-timeout—Timeout value for the flow entries when a connection is terminated by receiving RST

• tcp-timeout—Timeout value for TCP translations for which connections have been established after a

• udp-timeout—Timeout value for all NAT UDP packets.

• timeout—Timeout value for dynamic NAT translations.

• sampling-timeout—Time after which the device checks for dynamic translation activity.

The tcp-timeout, udp-timeout, and the timeout value timers are triggered after the timeout configured for

the ip nat translation sampling-timeout command expires.

The SYN, FIN and RST timers are not used for dynamic pool-based NAT.

Cisco Nexus 3548 Switch NX-OS Interfaces Configuration Guide, Release 9x

SYN-ACK reply.

The timeout value ranges from 1 second to 172800 seconds. The default value is 60 seconds.

or FIN packets. Use the same keyword to configure the behavior for both RST and FIN packets.

• If an RST packet is received after the connection is established, SYN-->SYN-ACK-->RST, the

flows are expired after the configured timeout value.

• If a FIN packet is received after the connection is established, SYN-->SYN-ACK-->FIN, the finrst

timer starts.

• If a FIN-ACK is received from the other side, the translation entry is cleared immediately, else it

clears after the timeout value completes.

Note

If dynamic pool-based configuration is used and a FIN-ACK is received, the

translation entry is not cleared.

The timeout value ranges from 1 second to 172800 seconds. The default value is 60 seconds.

three-way handshake (SYN, SYN-ACK, ACK). If no active flow occurs after the connection has been

established, the translations expire as per the configured timeout value. This timeout value starts after

the sampling timeout value completes.

The timeout value ranges from 60 seconds to 172800 seconds, including the sampling-timeout.

The timeout value ranges from 120 seconds to 172800 seconds.

Configuring Static and Dynamic NAT Translation

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Timeout Mechanisms - Cisco Nexus 3548 Configuration Manual

Timeout Mechanisms

Timeout Mechanisms

Hide quick links:

Related Manuals for Cisco Nexus 3548

Related Content for Cisco Nexus 3548

Table of Contents