Because of the ageing time allocation lead to some site USG5360 video card problem

Publication Date:  2012-10-11 Views:  167 Downloads:  0
Issue Description
Networking:

Fault phenomenon:
1, from the C area network access area A video business is very slow; But in the area B server access area A video business is normal.




Alarm Information
None.
Handling Process
1, now network USG5360 load sharing networking, in order to eliminate two-node cluster hot backup network problems, simplify the networking, take one of the equipment off the internet, only a device operating in the network, the phenomenon is still there, so the problem is not relevant with the two-node cluster hot backup networking.
2, check firewall conversation, confirm video business is RTSP agreement, and at the same time the video data transmitted by the RTSP control channel.
RTSP  (vpn: public -> public)
  zone: trust -> untrust  tag: 0xa0083588  State: 0x53
  ttl: 00:00:30  left: 00:00:30  Id: 2d299350  SlvId: 29c2ee70
  Interface: G0/0/1  Nexthop: 173.0.12.3  Mac: 00-25-9e-14-74-81
  <-- packets:24830 bytes:33835619   --> packets:12422 bytes:497596
  10.45.128.227:3146[173.0.12.8:28106]-->173.0.2.31:554
Because data channel borrowing control channel session, the firewall need not to open “detect RTSP”, and the data message after open the detect also be given to VRP processing, it has influence to the data business forward, then the now network closed detect the problems still.
3, Due to after closing link state test, the RTSP session aging time is 30 seconds, doing NAT application scenarios, if session aging off, the subsequent have the same five elements group business will establish new session, the NAT port is different with the original session port, then the server will disconnect the link anomaly. Doubt it is relevant with conversation aging. Testing after the now network changed the RTSP aging time to the default 1800 seconds, found that business is normal, then view conversation, found that modify aging time ago exists 30 seconds no flow session aging situation, as follows:
  RTSP  (vpn: public -> public)
  zone: trust -> untrust  tag: 0xa0083588  State: 0x53
  ttl: 00:30:00  left: 00:25:08  Id: 3526cfa8  SlvId: 2f78d710
  Interface: G0/0/1  Nexthop: 173.0.12.3  Mac: 00-25-9e-14-74-81
  <-- packets:1769 bytes:1686723   --> packets:938 bytes:41429
  10.45.128.227:4122[173.0.12.8:24737]-->173.2.2.14:554
4, then the now network open the link state detection and open fast backup, using two-node cluster test, business is normal.
Root Cause
After the USG5360 of network close link state test, RTSP session aging time is 30 seconds, video business exist the condition that no flow if more than 30 seconds, the NAT session is aging off, the subsequent video business visit need a new conversation, The port has been done NAT is not the same with the before session, lead to the server be off abnormally, and then lead to business slowly.
Suggestions
1, in the circumstances closing link state detection, as the general session aging time is usually short, in the NAT scene it will exist the situation business slow or got disconnected, it probably relevant with conversation aging, can test by modify the corresponding agreement session aging time to long.

END