Installation guide

ManualsBrandsCisco ManualsComputer equipmentExplorer 4700

301

302

303

304

305

306

307

308

309

310

8-6

Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance

OL-26645-01

Chapter 8 Configuring Parameter Maps

Configuring Connection Parameter Maps

More Settings

Exceeds MSS Indicate how the ACE is to handle segments that exceed the maximum segment size (MSS):

• Allow—The ACE is to permit segments that exceed the configured MSS.

• Drop—The ACE is to discard segments that exceed the configured MSS.

Full Proxy MSS

Mismatch

Allows the ACE to splice together the client front-end and the server back-end connections when the

ACE is proxying Layer 7 traffic flow and the negotiated front-end and back-end TCP handshakes do

not match. Uncheck the check box when you do not want the ACE to enable a connection when the

TCP handshakes do not match.

Max. Connection

Limit

Enter the maximum number of concurrent connections to allow for the parameter map. Valid entries

are integers from 0 to4000000.

Nagle The Nagle algorithm instructs a sender to buffer any data to be sent until all outstanding data has been

acknowledged or until there is a full segment of data to send. Enabling the Nagle algorithm increases

throughput, but it can increase latency in your TCP connection.

Check the check box to enable the Nagle algorithm. Clear the check box to disable the Nagle

algorithm.

Note Disable the Nagle algorithm when you observe unacceptable delays in TCP connections.

Random Sequence

Number

Randomizing TCP sequence numbers adds a measure of security to TCP connections by making it

more difficult for a hacker to guess or predict the next sequence number in a TCP connection.

Check the check box to enable the use of random TCP sequence numbers. Clear the check box to

disable the use of random TCP sequence numbers.

This option is enabled by default.

Bandwidth Rate Limit Enter the bandwidth-rate limit in bytes per second for the parameter map. Valid entries are integers

from 0 to 300000000 bytes.

Connection Rate

Limit

Enter the connection-rate limit in connections per second. Valid entries are integers from 0 to350000.

Reserved Bits Indicate how the ACE is to handle segments with the reserved bits set in the TCP header:

• Allow—Segments with the reserved bits are to be permitted.

• Drop—Segments with the reserved bits are to be discarded.

• Clear—Reserved bits in TCP headers are to be cleared and segments are to be allowed.

Type-of-Service IP

Header

The type of service for an IP packet determines how the network handles the packet and balances its

precedence, throughput, delay, reliability, and cost.

Enter the type-of-service value to be applied to IP packets. Valid entries are integers from 0 to 255.

For more information about type of service, refer to RFCs 791, 1122, 1349, and 3168.

ACK Delay Time

(Milliseconds)

Enter the number of milliseconds that the ACE is to wait before sending an acknowledgement from

a client to a server. Valid entries are integers from 0 to 400.

Table 8-3 Connection Parameter Map Attributes (continued)

Field Description