Aug 21

How to remove TCP time stamp from packets on Cisco ASA

TCP timestamps, defined in RFC 1323, help TCP compute the round-trip time between the sender and receiver. Timestamp options include a 4-byte timestamp value, where the sender inserts its current value of its timestamp clock, and a 4-byte echo reply timestamp value, where the receiver generally inserts the most recent timestamp value that it has received. The sender uses the echo reply timestamp in an acknowledgement to compute the total elapsed time since the acknowledged segment was sent.

TCP timestamps are also used to help in the case where TCP sequence numbers encounter their 2^32 bound and “wrap around” the sequence number space. This scheme is known as Protect Against Wrapped Sequence numbers, or PAWS (see RFC 1323 for details).”


Configuration example on ASA

conf t
access-list ACL_TCP extended permit tcp any any
class-map timestamp_class_map
 match access-list ACL_TCP
tcp-map timestamp_tcp_map
  tcp-options timestamp clear
policy-map global_policy
 class timestamp_class_map
  set connection advanced-options timestamp_tcp_map
wr mem 

NOTE: Clearing the timestamp option will disable PAWS and RTT. The default is to allow the timestamp option.

Follow me!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>