The session timeout parameter is not honored correctly by both the browser and Receiver sessions when connected through NetScaler Gateway.

Session time-out is configured on the NetScaler Gateway to control the time-out. However, the sessions are getting cleared after some time, that is, it is taking longer than specified timeout value to clear the session.

NetScaler sessions can live longer than the configured value. It might take around 5 minutes more than the specified time out value.

Problem Cause

When NetScaler Gateway determines that a session is idle for certain duration, the following are the things that can happen:

• If there is an alive TCP connection on that session, it would check again in 5 minutes. That is, if session timeout is too short, say 2 minutes, and TCP idle timeout is 3 minutes, at the 2nd minute NetScaler Gateway sees that there is a timeout. But it also sees that there is an active connection. So, it goes back to wait for 5 minutes to check again at the 7th minute.

• If there is no active TCP connection, then there is "multi-core" processing that happens to synchronize actions.

The following points provides more information on the sequence of these events:

• One of "n" cores is designated as owner to every session.

• Let us say there is a timeout of 10 minutes configured and it is started simultaneously on all cores.

• When non-owner times out, it sends a notification to the owner. When all non-owners say that they timed-out and if owner is also timed-out by then, session is removed.

• Let us say all of them timeout at the 10th minute (assuming session timeout of 10minutes).

• If the owner core’s event is processed first, it sees that the session is active on some non-owner cores, so it checks back again in 5 minutes. that is, it checks again at the 15th minute.

• If all cores timeout by then, then at the 15th minute session goes away.