Manualshelf

Troubleshooting guide

ManualsBrandsBay Networks ManualsComputer equipmentBayRS
171172173174175176177178179180
Appendix A: State Tables for VPN-1/FireWall-1 4.0 Specific services tables
Advanced Technical Reference Guide 4.1 June 2000 167
The values are the IP addresses of the physical servers. The number of values may change, as not all server
groups are the same size.
logical_cache_table table
The logical_cache_table table holds cache information for load balancing. Each connection is recorded in the
table so it will always be directed to the same security server.
Example
attributes: refresh expires 1800 limit 1000
<c0a81201, c073cd1f, 00000017, 00000002; c0a81f0e, 00000017, 00000000;
1790/1800>
<c0a82801, c073cd0c, 00000050, 00000003; c0a80c1c, 00000050, 000080dc;
1794/1800>
<c0a82801, 0029dc98; 18000000; 1793/1800>
The logical_cache_table table uses one of the following formats.
If domain caching is not used (lines 1 and 2 above):
<source IP address, logical server’s IP address, destination port, rule number; physical server IP address,
physical server port, additional value; time left/total time>
Here the destination IP address is the logical server’s IP address. The additional value field has a value of 0 for
servers of type “other” or holds the in.lhttpd port number for “HTTP”.
If domain caching is used (line 3 above):
<Source IP address, logical server unique identifier; flags specifying the physical servers to use; time left/total
time>
Specific services tables
icmp_connections table
The icmp_connections table holds state information for ICMP connections.
Example
attributes: sync refresh expires 60
<c0a80e1c, 00005e68, c073cd1f; 59/60>
The icmp_connections table uses the following format:
<source IP address, ICMP id, destination IP address of the ICMP connection; time left/total time>
h323_tracer_table table
The h323_tracer_table table holds the information regarding the h323 control. Due to the unique nature of the
h323 protocol, different ways of implementing it can cause great differences in the appearance of packets. In
some cases packets for control and data are different while in other cases the control and data are mixed and
their order is different.
This table holds the information about the packet that is expected next, whether control or data.