tcp-session
Syntax
tcp-session {
aggressive-tcp-ack;
fin-invalidate-session;
maximum-window(128K | 1M | 256K | 512K | 64K);
no-sequence-check;
no-syn-check;
no-syn-check-in-tunnel;
rst-invalidate-session;
rst-sequence-check;
strict-syn-check;
tcp-fast-open;
tcp-initial-timeout seconds;
tcp-selective-ack;
time-wait-state {
(session-ageout | session-timeout seconds);
}
}
Hierarchy Level
[edit security flow]
Description
Configure TCP session attributes:
-
Aggressive TCP ACK
-
FIN invalidate session—To Immediately end the session on receipt of fin (FIN) segment.
-
Maximum window—Maximum TCP proxy scaled receive window, default 256K bytes.
TCP sequence number checking.
TCP SYN bit checking.
Reset (RST) checking.
Initial TCP session timeout—The minimum value you can configure for TCP session initialization is 4 seconds. The default value is 20 seconds; if required you can set the TCP session initialization value to less than 20 seconds.
Strict TCP SYN checking.
-
TCP fast open (FSO) for TCP proxy session.
TCP session timeout for time-wait state.
-
TCP selective ack for TCP proxy session.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this in the configuration.
security-control—To add this to the configuration.
Release Information
Statement introduced in Junos OS Release 8.5.