session-scan
Syntax
session-scan;
Hierarchy Level
[edit security dynamic-address address-name name]
Description
Session scan provides an efficient method to traverse the session table to check and update each session. You can configure the session-scan option at two levels: entry level and module level. Entry-level session-scan requests a session scan only when the configured entries have new addresses, while module-level session-scan brings all entries that belong to dynamic address into scope. By default, session-scan for dynamic address is disabled because the session scan is CPU intensive.
The session scan checks the source pool ID of every session and ensures that all sessions associated with a modified pool can be removed. A session scan consumes more CPU cycles, so it is better not to trigger it frequently. When one pool is modified, the session scan is not triggered immediately. The session scan is triggered when the number of modified pools is greater than or equal to 1024 or when more than ten seconds have passed. The 10-second delay is designed to merge session scans. For example, if the first pool is modified and the second pool is modified five seconds later, the session scan is triggered five seconds after that, so the scans for the first pool and the second pool are merged together.
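The merge behavior described above can be modeled to see how long sessions tied to a modified pool may remain before a scan covers them. This is an added illustration, not Juniper code: the function name, the pool names, and the timer rules stated in the docstring are assumptions of the model.

```python
from typing import Iterable, List, Tuple

MERGE_WINDOW_S = 10.0   # delay stated in the description above
POOL_THRESHOLD = 1024   # modified-pool count stated in the description above


def plan_scans(events: Iterable[Tuple[float, str]]) -> List[Tuple[float, List[str]]]:
    """Return (trigger_time, pools_covered) for each merged session scan.

    events: (time_in_seconds, pool_id) modifications, sorted by time.
    Assumptions of this model: the timer starts at the first modification
    not yet covered by a scan, it fires at exactly 10 s, and a pool
    modified twice inside one window is counted once.
    """
    scans: List[Tuple[float, List[str]]] = []
    pending: List[str] = []      # distinct modified pools awaiting a scan
    window_start = 0.0
    for t, pool in events:
        # The timer expired before this modification: flush the old window.
        if pending and t >= window_start + MERGE_WINDOW_S:
            scans.append((window_start + MERGE_WINDOW_S, pending))
            pending = []
        if not pending:
            window_start = t     # first modification opens a new window
        if pool not in pending:
            pending.append(pool)
        # Threshold reached: scan now instead of waiting for the timer.
        if len(pending) >= POOL_THRESHOLD:
            scans.append((t, pending))
            pending = []
    if pending:                  # last window ends when its timer fires
        scans.append((window_start + MERGE_WINDOW_S, pending))
    return scans


if __name__ == "__main__":
    # Constructed input: the description's example, then a later change.
    sample = [(0.0, "pool-1"), (5.0, "pool-2"), (12.0, "pool-3")]
    for when, pools in plan_scans(sample):
        print(f"scan at t={when:>4.1f}s covers {pools}")
```

In this model the first two modifications share one scan at t=10 s, while the third opens a new window and is scanned at t=22 s.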
Required Privilege Level
security
Release Information
Statement introduced in Junos OS Release 20.4R1.