组网无,设备运行版本R9141P30。
(1)
会话创建
[11:06:11] Tuple5(EVENT): 100.*.*.40/10605-->100.92.16.129/1521(TCP(6)) [11:06:11] Session entry was created. [11:06:11]*Dec 5 11:06:11:320 2020 SRV3_FW_M9010_A_E3_10U_CS1 SESSION/7/TABLE: -Chassis=1-Slot=7.1; [11:06:11] Tuple5 (FSM): 100.*.*.40/10605-->100.*.*.129/1521(TCP(6)) [11:06:11] FSM:NONE-->TCP_SYN_SENT, dir:ORIGIN, PacketType:SYN(2) [11:06:11]*Dec 5 11:06:11:320 2020 SRV3_FW_M9010_A_E3_10U_CS1 SESSION/7/TABLE: -Chassis=1-Slot=7.1; [11:06:11] Tuple5(EVENT): 100.*.*.40/10605-->100.*.*.129/1521(TCP(6)) [11:06:11] Session entry was backuped. |
会话删除
[11:16:38] Tuple5(EVENT): 100.*.*.40/10609-->100.*.*.129/1521(TCP(6)) [11:16:38] Session entry was deleted. [11:16:38]*Dec 5 11:16:38:869 2020 SRV3_FW_M9010_A_E3_10U_CS1 SESSION/7/TABLE: -Chassis=1-Slot=7.1; [11:16:38] Tuple5(EVENT): 100.*.*.40/10609-->100.*.*.129/1521(TCP(6)) [11:16:38] Session entry was deleted. |
(2)
会话对应TTL为调整之后的24小时,应用为SQLNET。
[11:06:12]CPU 1 on slot 7 in chassis 1: [11:06:13]Initiator: [11:06:13] Source IP/port: 100.*.*.40/10605 [11:06:13] Destination IP/port: 100.*.*.129/1521 [11:06:13] DS-Lite tunnel peer: - [11:06:13] VPN instance/VLAN ID/Inline ID: -/-/- [11:06:13] Protocol: TCP(6) [11:06:13] Inbound interface: Reth2 [11:06:13] Source security zone: Trust [11:06:13]Responder: [11:06:13] Source IP/port: 100.*.*.129/1521 [11:06:13] Destination IP/port: 100.*.*.40/10605 [11:06:13] DS-Lite tunnel peer: - [11:06:13] VPN instance/VLAN ID/Inline ID: -/-/- [11:06:13] Protocol: TCP(6) [11:06:13] Inbound interface: Reth1 [11:06:13] Source security zone: Untrust [11:06:13]State: TCP_ESTABLISHED [11:06:13]Application: SQLNET [11:06:13]Rule ID: 7888 [11:06:13]Rule name: 长连接测试策略 [11:06:13]Start time: 2020-12-05 11:06:11 TTL: 86398s [11:06:13]Initiator->Responder: 1 packets 60 bytes [11:06:13]Responder->Initiator: 0 packets 0 bytes |
查看应用老化时间为600s
<M9010>display session aging-time application | in sqlnet sqlnet 600 |
现场业务板型号为NSQM1FWDFGD1,首包在CPU创建会话之后会生成逻辑会话,之后的报文走逻辑转发,不再上CPU处理,实际生效的时间为逻辑会话老化时间。但当前版本安全策略下配置长连接不会下刷给逻辑,而是将该应用的默认老化时间下到逻辑,生效的不是配置的24小时,而是应用sqlnet的600秒。
经过分析最终定位故障原因为:当前版本(R9141P30)安全策略下配置长连接不会下刷给逻辑,而是将该应用的默认老化时间下到逻辑。
1、
2、
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作