Sessions limit reached and causing internet disruption

rookierunner
rookierunner Posts: 20  Freshman Member
edited April 2021 in Security
I have had my ZyWall 110 since August and things have been great until just a couple of weeks ago. I am starting to experience outages and when I look at the log files, I see the below repeated hundreds of times...
        
     warn    sessions-limit    ACCESS BLOCK
     Maximum sessions per host (1000) was exceeded. [count=2]

After a couple of minutes, the messages disappear and everything works again.  Then minutes or days later it happens again.  Has anyone else experienced this? How do I troubleshoot and fix the issue?

All Replies

  • jonatan
    jonatan Posts: 143  Ally Member
    Uncheck Enable Session Limit or set the default Session per Host to 0.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    Thanks for @jonatan's information.

    @rookierunner
    Please follow jonatan's direction and check it.
    Charlie
  • rookierunner
    rookierunner Posts: 20  Freshman Member
    A few questions first...
    1. What does the session limit do?  My guess is something security related since it is located under the security control section.
    2. Why is it enabled by default?
    3. What do I lose by disabling it?
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    @rookierunner

    1. This function is used to limit the number of concurrent sessions each host can have.
    2. Enabled by default: to limit users from consuming too many network resources. Normal network use should not run over 1000 (the default session limit value) concurrent sessions, supposedly.
    3. Users may run applications that will fork multiple sessions (e.g. torrent) and consume the bandwidth. 

    Charlie
  • rookierunner
    rookierunner Posts: 20  Freshman Member
    I understand that this limits the number of concurrent sessions.  My question is why would I want to limit the number of sessions per host?  If it is to limit applications that fork multiple sessions, is there an easy way to identify those applications that do this?
  • Jeremylin
    Jeremylin Posts: 166  Master Member
    The HELP option on the device shows that accessing the Zyxel Device or network resources through the Zyxel Device requires a NAT session and a corresponding Security Policy session. Therefore, I think that if numerous sessions are created without limitation, the performance of the device may be affected.
    Also, the device can only detect which service is being used by which user on the session monitor page.
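
An added example, not part of the thread and not Zyxel tooling: given a snapshot of the session table saved as CSV, it counts concurrent sessions per source host against the 1000-session default from the log message and lists the services responsible. The column layout (`src_ip,dst_ip,dst_port,proto`), the function names and every address in the sample are assumptions constructed for illustration.

```python
import csv
import io
from collections import Counter, defaultdict

SESSION_LIMIT = 1000  # per-host default quoted in the thread's log message

def build_sample():
    """Constructed snapshot, one row per active session (assumed CSV layout)."""
    rows = ["src_ip,dst_ip,dst_port,proto"]
    # Constructed host A: ordinary browsing, a few dozen sessions.
    rows += [f"192.168.1.10,203.0.113.{i % 20},443,tcp" for i in range(40)]
    # Constructed host B: fan-out to many peers, as a torrent client would do.
    rows += [f"192.168.1.23,198.51.100.{i % 250},{6881 + i % 9},udp"
             for i in range(1200)]
    rows += ["192.168.1.23,203.0.113.5,53,udp"] * 15
    return "\n".join(rows)

def sessions_per_host(snapshot_csv):
    """Return {src_ip: Counter({(proto, dst_port): sessions})}."""
    per_host = defaultdict(Counter)
    for row in csv.DictReader(io.StringIO(snapshot_csv)):
        per_host[row["src_ip"]][(row["proto"], int(row["dst_port"]))] += 1
    return per_host

def report(snapshot_csv, limit=SESSION_LIMIT, warn_ratio=0.8, top=3):
    """List hosts at or above warn_ratio * limit with their busiest services."""
    findings = []
    for host, services in sessions_per_host(snapshot_csv).items():
        total = sum(services.values())
        if total >= limit * warn_ratio:
            findings.append({
                "host": host,
                "sessions": total,
                "over_limit": total > limit,
                "distinct_services": len(services),
                "top_services": services.most_common(top),
            })
    return sorted(findings, key=lambda f: f["sessions"], reverse=True)

if __name__ == "__main__":
    for f in report(build_sample()):
        state = "OVER LIMIT" if f["over_limit"] else "near limit"
        print(f"{f['host']}: {f['sessions']} sessions ({state})")
        for (proto, port), n in f["top_services"]:
            print(f"  {proto}/{port}: {n}")
```

The `warn_ratio` threshold also surfaces hosts that are close to the limit but not yet blocked, which helps when the outage is intermittent.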
