Cisco CSS 11000 Series Content Services Switches

CSS 11000 Mapped Flow Frequently Asked Questions

Document ID: 24158

Updated: Sep 01, 2004



This document describes what type of network traffic for which the Content Services Switch (CSS) 11000 will or will not map a flow.

Q. What is a flow?

A. A flow is a stream of data traveling between two endpoints across a network. For example, from one LAN station to another.

Q. What is mapped as a flow?

A. Only Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) traffic are mapped as flows.

Q. What is not mapped as a flow?

A. IP Security (IPSec) traffic that includes embedded TCP or UDP is not mapped as a flow. Internet Control Message Protocol (ICMP) is never mapped as a flow, however, CSS 11000 does pay attention to ICMP frames so that it can properly associate them with a flow to do Network Address Translation (NAT), where appropriate. The eventual recipient gets the proper IP information back. This is particularly important for path Maximum Transmission Unit (MTU) discovery support. When you are trying to adjust the TCP Maximum Segment Size (MSS), you have to be aware of what session you are working in.

Below is the list of port numbers (UDP or TCP) that the CSS does not setup a flow for. If a packet is received by the CSS with either a source or destination port which matches one of the ones below, the frame is routed. A flow is not setup.

Port Description
67 BOOTP server
68 BOOTP client
137 NetBIOS name service
138 NetBIOS datagram service
161 SNMP
162 SNMP Traps
520 RIP
8089 Inktomi

Traceroute does not work in this manner. Different platforms use the traceroute function in different methods (UDP, ICMP, and so on), and it is not the port number alone that signifies which traffic is a traceroute packet. The CSS does not setup flows for ICMP packets. Use the following guidelines to determine if a traceroute packet will setup a flow:

  1. The protocol is UDP.

  2. The source port is > 32769.

  3. The destination port is > 33434

  4. The UDP data length is > 20

  5. There is 1 byte sequence number in UDP portion.

  6. There is 1 byte original Time To Live (TTL).

If all these conditions are present, a flow is not setup for this packet.

Related Information

Updated: Sep 01, 2004
Document ID: 24158