On 28/05/13 14:51, OBrien, Will wrote:
The primary use of the dns alg is to reduce session count. This is
very apparent on net screens. I reduced 500k sessions down to 400k by
turning it on. That said, you can achieve similar results by setting
dns specific policies with short timeouts.
Out of interest, how short a timeout have you experimented with?
We set our Netscreen 5400s to 10 seconds at one point, but the extra
session table use was still considerable by comparison with an
ALG-enabled setup.
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
