Skip to main content
bejjit
bejjit
New Member
June 20, 2019
Solved

how to resolve a Lot of clash session

  • June 20, 2019
  • 1 reply
  • 8493 views

Hello,

i have a lot of clash

any suggestion

 

FGT500D $ diagnose sys session stat

misc info: session_count=15502 setup_rate=246 exp_count=626 clash=17417

memory_tension_drop=0 ephemeral=0/589824 removeable=0

npu_session_count=3414

nturbo_session_count=480

delete=83073, flush=1, dev_down=0/0 ses_flush_filters=0

flush_work_num=0

TCP sessions:

538 in NONE state

4437 in ESTABLISHED state

44 in SYN_SENT state

4 in SYN_RECV state

3 in FIN_WAIT state

534 in TIME_WAIT state

423 in CLOSE state

72 in CLOSE_WAIT state

firewall error stat:

error1=00000000

error2=00000000

error3=00000000

error4=00000000

tt=00000000

cont=1ef546cd

ids_recv=30d613e7

url_recv=00000000

av_recv=8b78184b

fqdn_count=00000039

global: ses_limit=0 ses6_limit=0 rt_limit=0 rt6_limit=0

    Best answer by hubertzw

    check which pools are not big enough:

     

    diagnose firewall ippool-all stats

    1 reply

    hubertzw
    hubertzwAnswer
    New Member
    June 20, 2019

    check which pools are not big enough:

     

    diagnose firewall ippool-all stats

    bejjit
    bejjitAuthor
    New Member
    June 20, 2019

    hi hubertzw

    i checking pools

     

    FGT500D $ diagnose firewall ippool-all stats

    vdom:tr owns 2 ippool(s)

    name: Test

    type: overload

    startip: x.x.x.20

    endip: x.x.x.20

    total ses: 3

    tcp ses: 3

    udp ses: 0

    other ses: 0

    name: kRd8

    type: one-to-one

    startip: y.y.y.96

    endip: y.y.y.127

    total ses: 0

    tcp ses: 0

    udp ses: 0

    other ses: 0

    hubertzw
    hubertzw
    New Member
    June 21, 2019

    Now it looks fine but you need to check when more people are connected. Monitor also the counter to see if it's stable or still increasing (clash=17417)

    Terms & ConditionsAccessibility statement