Tweet
Juniper Netscreen 5GT Session Overflow
We have had Shoretel between two of our offices for the past 2 years. On location has the Director and Shoretel VM server for the two sites. At each site we had a Netscreen 5GT router that handled the VPN.
Two weeks ago we changed our network a bit. Our ISP is now handling our VPN (a MPLS network). We have the following routes in our Netscreens pointing to our ISPs router.
The immediate problem we had after doing so is that both Netscreens are having Session Overflow problems. I have download a program that can read the session dump and it shows that 85% of all of the session requests have a destination of the Director/VM Server.
I am getting the following errors on the netscreen. To clear the sessions, I have to telnet into each router and issue a CLEAR SESSION command. The 5GT has a max of 2000 sessions and we have never had a problem staying well underneath that.
In one office we have a L2 so we can't place a route in there, in the other office we have a L3 switch that I have also added the route to.
Anyone want to take a stab at why this is happening.
Two weeks ago we changed our network a bit. Our ISP is now handling our VPN (a MPLS network). We have the following routes in our Netscreens pointing to our ISPs router.
192.168.2.0/24 -> 192.168.3.3 (trust)
192.168.3.0/24 -> 192.168.2.3 (trust)
192.168.3.0/24 -> 192.168.2.3 (trust)
I am getting the following errors on the netscreen. To clear the sessions, I have to telnet into each router and issue a CLEAR SESSION command. The 5GT has a max of 2000 sessions and we have never had a problem staying well underneath that.
[00005] 2008-12-02 13:07:45 [Root]system-critical-00051: Session utilization has reached 1857, which is 90% of the system capacity!
Anyone want to take a stab at why this is happening.
Comment