Troubleshooting High Session Use in Netscreen Firewalls
Troubleshooting High Session Use in Netscreen Firewalls ************************************************
This purpose of this document basically gives us a brief overview of the way of troubleshooting high session use in the Netscreen Firewalls . In other words , we can also say it shows us the way how we can proceed in analyzing the sessions in the Netscreen and finding the system (user) which creates a more number of sessions (toptalkers) and also the port where the user system is connected to the access switch with few commands .
What is a Session ?
In networking, a Session is a semi-permanent interactive information exchange, also known as a dialogue between two or more communicating devices, or between a computer and user. A session is set up or established at a certain point in time, and torn down at a later point in time. An established communication session may involve more than one message in each direction. In a session typically, but not always, at least one of the communicating parts need to save information about the session history in order to be able to communicate, as opposed to stateless communication, where the communication consists of independent requests with responses. Communication sessions may be implemented as part of protocols and services at the application layer, at the session layer or at the transport layer in the OSI model.
•
• •
Application layer examples: o HTTP sessions, which may allow dynamic web pages, i.e. interactive web pages, as opposed to static web pages. o A telnet remote login session Session layer example: o A Session Initiation Protocol (SIP) based Internet phone call Transport layer example: o A TCP session, which is synonymous to a TCP virtual circuit, a TCP connection, or an established TCP socket.
Now that we understand the basic concept why sessions are significant , let us proceed towards the first step in getting the session data for later analysis .
1) Getting session data from Netscreen :
i)
This purpose of this document basically gives us a brief overview of the way of troubleshooting high session use in the Netscreen Firewalls . In other words , we can also say it shows us the way how we can proceed in analyzing the sessions in the Netscreen and finding the system (user) which creates a more number of sessions (toptalkers) and also the port where the user system is connected to the access switch with few commands .
What is a Session ?
In networking, a Session is a semi-permanent interactive information exchange, also known as a dialogue between two or more communicating devices, or between a computer and user. A session is set up or established at a certain point in time, and torn down at a later point in time. An established communication session may involve more than one message in each direction. In a session typically, but not always, at least one of the communicating parts need to save information about the session history in order to be able to communicate, as opposed to stateless communication, where the communication consists of independent requests with responses. Communication sessions may be implemented as part of protocols and services at the application layer, at the session layer or at the transport layer in the OSI model.
•
• •
Application layer examples: o HTTP sessions, which may allow dynamic web pages, i.e. interactive web pages, as opposed to static web pages. o A telnet remote login session Session layer example: o A Session Initiation Protocol (SIP) based Internet phone call Transport layer example: o A TCP session, which is synonymous to a TCP virtual circuit, a TCP connection, or an established TCP socket.
Now that we understand the basic concept why sessions are significant , let us proceed towards the first step in getting the session data for later analysis .
1) Getting session data from Netscreen :
i)