The device tables store information about sessions passing through the device. Some of the tables store information for every source-destination address pair of traffic going through the device, which includes Layer 3 information. These pairs require an entry for each combination. Some of the tables need to keep information about Layer 4 sessions, which means that every combination of source-address, source-port, destination address, and destination port requires its own entry in the table.
Note Layer-4 tables are usually larger than Layer-3 tables. For example, a typical TCP client, using HTTP, opens several TCP sessions to the same destination address.To view a list of values for LinkProof tuning tables, log onto the Radware Web site; and then, navigate to Support > Documentation > Product (LinkProof) > Document Type (Tuning Table).
1.
2.
Table 28: Device Table Tuning Parameters A flow policy defines the criteria used to select a specific flow for a specific type of traffic. When a new session arrives, the device scans through the flow policies list looking for a match. Once a match is found, the packet is redirected according to the flow attached to this policy.Values: 16 – 5000 Values: 20 – 6,500,000 The Session Passive Protocols Table records passive protocols port commands so that all related sessions will be maintained.Values: 16 – 32,000 Values: 20 – 32,767Default: 1024 The maximum number of entries in the IP Forwarding table. The table contains the destination MAC address and port per destination IP address.Values: 20 – 768,000Default: 32,000 The maximum number of entries in the ARP Forwarding Table. The table contains the destination MAC address per destination IP address.Values: 20 – 32,767Default: 1024 When setting the Client table size, you must also configure the Client Extension Table size.Client Extension Table size = (Maximum number of farms in a chain, as configured on the device) × (Client Table size).For example, if LinkProof load balances routers only, the Client Table Extension size should be the same as the Client Table Size.OnDemand Switch VL with 2 GB RAM and
OnDemand Switch 2 with 2 GB RAM:
• Values: 20 – 2,000,000OnDemand Switch VL with 4 GB RAM,
OnDemand Switch 2 with 4 GB RAM, and
OnDemand Switch 3 with 8 GB RAM:
• Values: 20 – 6,500,000 OnDemand Switch VL with 2 GB RAM and
OnDemand Switch 2 with 2 GB RAM:
• Values: 20 – 2,000,000OnDemand Switch VL with 4 GB RAM,
OnDemand Switch 2 with 4 GB RAM, and
OnDemand Switch 3 with 8 GB RAM:
• Values: 20 – 6,500,000 The maximum number of entries in the Routing table. The table stores information about the destinations and how they can be reached. By default, all networks directly attached to the device are registered in this table. Other entries to the table can either be statically configured or dynamically created through the routing protocol.Values: 20 – 32,767 The maximum number of entries in the Farm Persistency table. The Farm Persistency Table stores data for the device to use same server for packets of the same session, according to the specified session-identification parameter or combination of them, less than the Client Table mode (for example, source IP or destination IP if Client Table mode is Layer 3) or according to Client Table mode. The default persistency mode is Layer 4.OnDemand Switch VL with 2 GB RAM and
OnDemand Switch 2 with 2 GB RAM:
• Values: 20 – 4,000,000OnDemand Switch VL with 4 GB RAM,
OnDemand Switch 2 with 4 GB RAM, and
OnDemand Switch 3 with 8 GB RAM:
• Values: 20 – 13,000,000 Delayed Binding Ext. Table The maximum number of entries in the Delayed Binding Ext. Table, which stores the fragments per delayed binding sessions that LinkProof retains (in all delayed binding active sessions).OnDemand Switch VL with 2 GB RAM and
OnDemand Switch 2 with 2 GB RAM:
• Values: 1 – 2,000,000OnDemand Switch VL with 4 GB RAM,
OnDemand Switch 2 with 4 GB RAM, and
OnDemand Switch 3 with 8 GB RAM:
• Values: 1 – 6,500,000 Values: 1 – 500,000 The maximum number of No NAT addresses that can be configured on the device. No NAT enables a simple configuration where internal hosts have IP addresses that belong to a range of one of the farm servers. Traffic from these hosts should not be translated if the traffic is forwarded to this farm server.Values: 64 – 20,000 The maximum number of Static NAT addresses that can be configured on the device. Static NAT is used to ensure delivery of specific traffic to a particular server on the internal network.Values: 64 – 8,192 The maximum number of Basic NAT addresses that can be configured on the device. Basic NAT enables a one-to-one NAT mapping for occasional users, based on local IP ranges and destination applications.Values: 20 – 8,192 PAT & Dynamic NAT Port Table Values: 3072 – 60,535 Values: 1 – 1024 Values: 100 – 30,000 The limit on the number of entries in the NHR Tracking Table. This table ensures that for inbound traffic received via a certain NHR, the related outbound traffic is sent via the same NHR.Values: 100 – 30,000 Delayed Bind is a process in which the device alters fields such as the sequence number of the TCP stream from the client to the destination server. The subsequent session fetches the information that was requested in the original session. The information is returned to the client through the original session only when that information is gathered.OnDemand Switch VL with 2 GB RAM and
OnDemand Switch 2 with 2 GB RAM:
• Values: 1 – 131,070OnDemand Switch VL with 4 GB RAM,
OnDemand Switch 2 with 4 GB RAM, and
OnDemand Switch 3 with 8 GB RAM:
• Values: 1 – 262,140 Delayed Bind SYN Protection Triggers Table The maximum number of entries in the Delayed Bind SYN Protection Triggers Table.Values: 10 – 100,000