Aug 21

How to remove TCP time stamp from packets on Cisco ASA

TCP timestamps, defined in RFC 1323, help TCP compute the round-trip time between the sender and receiver. The timestamp option includes a 4-byte timestamp value, in which the sender inserts the current value of its timestamp clock, and a 4-byte echo reply timestamp value, in which the receiver generally inserts the most recent timestamp value that it has received. The sender uses the echo reply timestamp in an acknowledgement to compute the total elapsed time since the acknowledged segment was sent.

TCP timestamps are also used to help in the case where TCP sequence numbers encounter their 2^32 bound and “wrap around” the sequence number space. This scheme is known as Protect Against Wrapped Sequence numbers, or PAWS (see RFC 1323 for details).

http://www.ietf.org/rfc/rfc1323.txt

Configuration example on ASA

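conf t
! Match all TCP traffic passing through the ASA
access-list ACL_TCP extended permit tcp any any
!
class-map timestamp_class_map
 match access-list ACL_TCP
!
! TCP map that clears the timestamp option and still allows the packet
tcp-map timestamp_tcp_map
  tcp-options timestamp clear
!
! Apply the TCP map to the matched traffic in the global policy
policy-map global_policy
 class timestamp_class_map
  set connection advanced-options timestamp_tcp_map
!
end
! Save the running configuration
wr mem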

NOTE: Clearing the timestamp option disables PAWS and timestamp-based RTT measurement for the affected connections. The default is to allow the timestamp option.
