SYN idle timeout is the timeout for establishing TCP connections that
use LSN on the NetScaler appliance. If a TCP session is not established within
the configured timeout period, the NetScaler removes the session. SYN idle
timeout is useful in providing protection against SYN flood attacks. In an LSN
configuration, the LSN group entity includes the SYN idle timeout setting.
In the following sample LSN configuration, SYN idle timeout is set to 30 secs for TCP connections related to subscribers from the 192.0.2.0/24 network.
>set lsn parameter -memLimit 4000
>add lsn client LSN-CLIENT-1
>bind lsn client LSN-CLIENT-1 -network 192.0.2.0 -netmask 255.255.255.0
>add lsn pool LSN-POOL-1
>bind lsn pool LSN-POOL-1 203.0.113.3
>add lsn group LSN-GROUP-1 -clientname LSN-CLIENT-1 –synidletimeout 30
>bind lsn group LSN-GROUP-1 -poolname pool1 LSN-POOL-1