Table of Contents
Advertisement
Command Reference Guide
ipv6 firewall fin-timeout <timeout>
Use the ipv6 firewall fin-timeout command to configure the firewall policy session timeout for a
Transmission Control Protocol (TCP) policy session closed by a bidirectional FINISH (FIN). The policy
session timeout determines when the time to live (TTL) for the session expires, and thus ends the session.
Using the no form of this command returns the timeout to the default value. Variations of this command
include:
ipv6 firewall fin-timeout <timeout>
ipv6 firewall vrf <name> fin-timeout <timeout>
Syntax Description
<timeout>
vrf <name>
Default Values
By default, the FIN timeout is set to 4 seconds.
Command History
Release 18.2
Functional Notes
A policy session closed by a TCP FIN is one in which a FIN has been received from both endpoints
participating in the session. This command is used when configuring firewall session timeouts for Internet
Protocol version 6 (IPv6).
If the timeout is defined to be zero, the policy session will be deleted immediately without entering a
post-connection state. This could be necessary for hosts that do not implement the TIME_WAIT TCP state
correctly, but instead permit immediately reopening closed sessions.
Usage Examples
The following example changes the IPv6 firewall session timeout for TCP policy sessions closed by a FIN
to 10 seconds:
(config)#ipv6 firewall fin-timeout 10
60000CRG0-35E
Specifies the session timeout in seconds. Valid range is 0 to 4294967295
seconds.
Optional. Specifies a nondefault VPN routing and forwarding (VRF) instance on
which to perform the timeout. If no VRF is specified, the action occurs on the
default VRF.
Command was introduced.
Copyright © 2012 ADTRAN, Inc.
Global Configuration Mode Command Set
1209
Advertisement
Table of Contents
