ADTRAN AOS Version R10.1.0 Command Reference Manual page 1220

Command Reference Guide
vrf <name>
Default Values
By default, policy session timeouts are set to 600 seconds for established TCP policy sessions, and 60
seconds for all other protocols.
Command History
Release 18.2
Release R10.1.0
Functional Notes
This ipv6 policy-timeout command is used to configure the session timeout value for established policy
sessions. Use the commands
<timeout> on page 1210, and
timeout values for TCP FINISH (FIN), TCP RESET (RST), and pre-established TCP policy sessions.
Established TCP policy sessions are firewall sessions in which a three-way handshake has been
observed, but no RST has been received by either endpoint, nor has a FIN been received from both
endpoints. Established policy sessions can also be a stateless TCP policy session prior to the receipt of an
RST from either endpoint or a FIN from both endpoints, or a policy session for all non-TCP protocols.
Established policy session timeouts are configured to customize timeout intervals for protocols (by
specifying the protocol or a specific access control list (ACL)), specific services (by specifying the port
used or a specific ACL), and specific ingress policy classes. Multiple commands can be used to specify
different timeouts for different protocols, services, and ingress policy classes.
60000CRG0-35E
The following is the list of UDP port numbers that may be identified
using the text name (in bold):
biff (Port 512)
bootpc (Port 68
bootps (Port 67)
discard (Port 9)
dnsix (Port 195)
domain (Port 53)
echo (Port 7)
isakmp (Port 500)
mobile-ip (Port 434)
nameserver (Port 42)
netbios-dgm (Port 138) time (Port 37)
netbios-ns (Port 137)
netbios-ss (Port 139)
ntp (Port 123)
Optional. Specifies a nondefault VPN routing and forwarding (VRF)
instance on which to perform the policy timeout. If no VRF is specified,
the action is performed on the default VRF.
Command was introduced.
Command was expanded to include the ripng option for UDP ports.
ipv6 firewall fin-timeout <timeout> on page
ipv6 firewall tcp-unestab-timeout <timeout> on page 1212
Copyright © 2012 ADTRAN, Inc.
Global Configuration Mode Command Set
pim-auto-rp (Port 496)
rip (Port 520)
ripng (Port 521)
snmp (Port 161)
snmptrap (Port 162))
sunrpc (Port 111)
syslog (Port 514)
tacacs (Port 49)
talk (Port 517)
tftp (Port 69)
who (Port 513)
xdmcp (Port 177)
1209, ipv6 firewall rst-timeout
to configure
1220