SRX Services Gateway
Highlighted
SRX Services Gateway

SRX340 max. sessions

‎09-11-2017 01:58 PM

Hi there,

 

I've seen in srx3XX datasheet, most specifically on this one: https://www.juniper.net/assets/fr/fr/local/pdf/datasheets/1000550-en.pdf , that srx340 has a maximum of concurrent sessions of 256,000, but in every srx340 I've saw there just a maximum of 131072. For example if I run "show security monitoring fpc 0" in one of these srx, this is my result:

 

FPC 0
PIC 0
CPU utilization : 3 %
Memory utilization : 50 %
Current flow session : 776
Current flow session IPv4: 776
Current flow session IPv6: 0
Max flow session : 131072
Total Session Creation Per Second (for last 96 seconds on average): 24
IPv4 Session Creation Per Second (for last 96 seconds on average): 24
IPv6 Session Creation Per Second (for last 96 seconds on average): 0

 

 

Can somebody explain me why appears this result? Maybe I'm misunderstanding something about how srx works...

4 REPLIES 4
Highlighted
SRX Services Gateway

Re: SRX340 max. sessions

‎09-11-2017 07:41 PM

Hmm, I see 256K.

 

test@test> show chassis hardware 
Hardware inventory:
Item             Version  Part number  Serial number     Description
Chassis                                CY3516AFXXXX      SRX340
Routing Engine   REV 0x07 650-065043   CY3516AFXXXX      RE-SRX340
FPC 0                                                    FPC
  PIC 0                                                  8xGE,8xGE SFP Base PIC
    Xcvr 8       REV 02   740-011613   NT217RF           SFP-SX
    Xcvr 9       REV 02   740-011613   NT2178W           SFP-SX
Power Supply 0  

test@test> show version 
Hostname: test
Model: srx340
Junos: 15.1X49-D80.4
JUNOS Software Release [15.1X49-D80.4]

test@test > show security monitoring fpc 0    
FPC 0
  PIC 0
    CPU utilization          :    0 %
    Memory utilization       :   46 %
    Current flow session     :  137
    Current flow session IPv4:  137
    Current flow session IPv6:    0
    Max flow session         : 262144
Total Session Creation Per Second (for last 96 seconds on average):    4
IPv4  Session Creation Per Second (for last 96 seconds on average):    4
IPv6  Session Creation Per Second (for last 96 seconds on average):    0

test@test> show security flow session summary 
Unicast-sessions: 116
Multicast-sessions: 0
Failed-sessions: 0
Sessions-in-use: 122
  Valid sessions: 116
  Pending sessions: 0
  Invalidated sessions: 6
  Sessions in other states: 0
Maximum-sessions: 262144
Highlighted
SRX Services Gateway

Re: SRX340 max. sessions

‎09-12-2017 09:38 AM

In my case:

 

show chassis hardware:
Hardware inventory:
Item             Version  Part number  Serial number     Description
Chassis                                CY0317AFXXXX      SRX340
Routing Engine   REV 0x08 650-065043   CY0317AFXXXX      RE-SRX340
FPC 0                                                    FPC
  PIC 0                                                  8xGE,8xGE SFP Base PIC
    Xcvr 8                NON-JNPR     FNS1126XXXX       SFP-SX
Power Supply 0  


show version:
Hostname: SRX340
Model: srx340
Junos: 15.1X49-D75.5
JUNOS Software Release [15.1X49-D75.5]


show security monitoring fpc 0:
FPC 0
  PIC 0
    CPU utilization          :    6 %
    Memory utilization       :   50 %
    Current flow session     : 1148
    Current flow session IPv4: 1148
    Current flow session IPv6:    0
    Max flow session         : 131072
Total Session Creation Per Second (for last 96 seconds on average):   23
IPv4  Session Creation Per Second (for last 96 seconds on average):   23
IPv6  Session Creation Per Second (for last 96 seconds on average):    0


show security flow session summary:
Unicast-sessions: 1057
Multicast-sessions: 0
Failed-sessions: 0
Sessions-in-use: 1113
  Valid sessions: 1057
  Pending sessions: 0
  Invalidated sessions: 56
  Sessions in other states: 0
Maximum-sessions: 131072


I don't see difference in hardware, I only see you have other firmware, but I don't think that could the reason...

Highlighted
SRX Services Gateway

Re: SRX340 max. sessions

‎09-12-2017 11:09 AM

Yes odd. Here's another running older firmware with same 256K limit.

 

test@test> show security flow session summary 
Unicast-sessions: 109
Multicast-sessions: 0
Failed-sessions: 0
Sessions-in-use: 118
  Valid sessions: 109
  Pending sessions: 0
  Invalidated sessions: 9
  Sessions in other states: 0
Maximum-sessions: 262144

test@test> show version 
Hostname: test
Model: srx340
Junos: 15.1X49-D45
JUNOS Software Release [15.1X49-D45]

test@test> show security flow session summary    
Unicast-sessions: 113
Multicast-sessions: 0
Failed-sessions: 0
Sessions-in-use: 121
  Valid sessions: 113
  Pending sessions: 0
  Invalidated sessions: 8
  Sessions in other states: 0
Maximum-sessions: 262144

test@test> show security monitoring fpc 0 
FPC 0
  PIC 0
    CPU utilization          :    0 %
    Memory utilization       :   53 %
    Current flow session     :  138
    Current flow session IPv4:  138
    Current flow session IPv6:    0
    Max flow session         : 262144
Total Session Creation Per Second (for last 96 seconds on average):    3
IPv4  Session Creation Per Second (for last 96 seconds on average):    3
IPv6  Session Creation Per Second (for last 96 seconds on average):    0
Highlighted
SRX Services Gateway

Re: SRX340 max. sessions

‎11-21-2019 06:49 AM

I guess the reason was already found, but i thought i'd give it for anyone curious.
This difference is probably due to enabeling ipv6 in flow mode, this will half the number of sessions.
https://kb.juniper.net/InfoCenter/index?page=content&id=KB21293

kr,

Feedback