Under NE40 NAT users online game is frequently down, online users are not influenced.
Topology: NE40 (NAT)－－－firewall－－－net bar router (NAT)
1. Check the configuration and there is no problem.
2. Test it. Matching NAT Session port changes after the game is down.
3. The relation of device handling, solve it with command.
Users are down through NAT. It is possible that NAT translation table is aging. NAT aging on NE40 can be configured for each kind of protocol, and configuration is long. (By default it is 20-minute for TCP protocol and 2-minute for UDP protocol.) Time configuration is not problematic. NAT on NE40 handles the aging of translation table; it only handles FIN and RST packet of TCP protocol.
TCP is based on connection. Building link needs three handshakes and removing link also needs handshake operation. RST of TCP protocol is to re-build connection if there is connection error, but FIN is to close connection when transmission data is finished. TCP connection is full-duplex. The protocol permits it to close connection one-way or close it at the same time. Few programs permit half-closure state, namely, transmission can be made at another direction when transmission is closed at one direction. However, most of programs cannot be used in this way. When TCP connection receives packet with FIN, it regards this TCP connection is not used for data transmission.
NAT device is based on CACHE. When the traffic exists (It is one connection for TCP.), it need occupy the memory and creates translation table. When there are many users, occupied translation table is too much. It is required to recover the memory that the traffic without transmission uses. When NAT device handles the protocol, it recovers the memory for UDP protocol packet in a short time. But TCP protocol is based on connection; it cannot recover the resource quickly. For the connection receiving FIN, it regards that there is no transmission and recovers the memory. But there maybe disorder in the network. After NAT device receives FIN packet, it does not delete translation table at once and delete it after a while. It is a recognized value. It is usually set as 60-second. For special handling of TCP packet with FIN and RST, it can recover NAT device resource as soon as possible in order that NAT exhaustion influences the normal use of users.
The online game is down. When the device receives FIN packet, it resets and there is interruption after aging. Change the configuration ad nat tcp finrst 1 keep session forward enable and the problem is solved. The command may occupy much NAT session, it is suggested to use after consulting with R&D.
nat tcp finrst 1 keep session forward enable (transparent transmit fin packet and keep TCP connection)
nat tcp finrst 1 keep session forward disable (discard fin packet and keep TCP connection)
nat tcp finrst 1 reset session (It is default configuration. After receiving fin packet, change tcp session state from establish as fin. It is aged after several seconds.)
Much session will be occupied if it is changed with command. Use default setting. If it is required to change, confirm it with R&D.